Using SysML for model-based vulnerability assessment

By Soroush Bassam, Jeffrey W. Herrmann, Linda C. Schmidt

13th Annual Conference on Systems Engineering Research (CSER)
CSER 2015, March 18-19, 2015
March 19, 2015
Stevens Institute of Technology, Hoboken, NJ
www.stevens.edu/sse/CSER2015org


Introduction

• Physical Protection Systems
  ― Objective
    o To protect assets from threats
  ― Elements
    o People (e.g. response force)
    o Procedure (e.g. alarm assessment)
    o Components (e.g. sensors)
  ― Functions
    o Detection
    o Delay
    o Response
• Vulnerability Assessment
  ― VA Evaluation Process
    o PPS Objective determination
    o PPS Design
    o PPS Analysis
  ― Performance-based vs. Compliance-based
    o Performance vs. Presence
    o Models vs. Checklists
• Model-based Systems Engineering (MBSE)
  ― Structure Models
  ― Behavior Models

Coherent model of the system

Vulnerability Assessment Evaluation Process

1) PPS objective determination
• Facility characterization
• Asset identification
• Threat identification

2) PPS design
• Detection
• Delay
• Response

3) PPS Analysis
• EASI Model
• Adversary Sequence Diagram (ASD)

Vulnerability Assessment Evaluation Process

[Figure: the same three-step process, labelled with the Facility Model, PPS Model, EASI Model, Scenario Model and Adversary Model]

Using SysML Models for an Example Facility*

Facility Description:
• Building: Office area; Storage area; Staging area
• PPS Components: Fence, Sensors, CCTV, Light, Gate
• Asset located in the controlled room

List of symbols (icons not reproduced): Fence; Exterior Sensor; CCTV; Light; Gate/Roll-Up Door; Interior Sensor; Wall; Personnel/Cargo flow; Asset; Adversary Path; Adversary Task

*Source: Garcia, Vulnerability Assessment, 2006

Facility Characterization And Asset Identification Using SysML BDD

Threat Identification Using SysML BDD

PPS Detection and Delay Representation Using SysML BDD

PPS Response Representation Using SysML BDD

PPS Analysis Using SysML Activity Diagram

Adversary tasks:
1. crossing the perimeter
2. running to the roll-up door
3. penetrating through the roll-up door
4. running to the storage vault
5. stealing the asset
6. exiting to outside
7. crossing the perimeter
8. entering the second vehicle

ASD Diagram


PPS Analysis Using SysML Parametric Diagram

Estimate of Adversary Sequence Interruption (EASI) Model:
• A quantitative analysis tool
• Uses performance characteristics of PPS components
• Determines the PPS performance for a specific threat and attack scenario

[Figure: SysML Parametric Diagram EASI Model]
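
An added worked example, not taken from the slides: the commonly published form of the EASI calculation applied to the eight adversary tasks listed on the activity-diagram slide, giving the probability that the response force interrupts the adversary. The detection probabilities, detection locations, delays, communication probability, response force time and the 30% standard-deviation rule are all constructed assumptions, not values from the presentation.

```python
import math

# Adversary tasks from the slide. Every number is CONSTRUCTED for illustration:
# (task, P(detect), detection location in the task: B/M/E, mean delay in s)
TASKS = [
    ("crossing the perimeter",               0.5, "M", 10),
    ("running to the roll-up door",          0.0, "M", 12),
    ("penetrating through the roll-up door", 0.9, "B", 90),
    ("running to the storage vault",         0.0, "M", 10),
    ("stealing the asset",                   0.8, "B", 60),
    ("exiting to outside",                   0.0, "M", 10),
    ("crossing the perimeter",               0.5, "M", 10),
    ("entering the second vehicle",          0.0, "M", 5),
]
# Fraction of a task's own delay still ahead of the adversary when the sensor fires.
REMAINING = {"B": 1.0, "M": 0.5, "E": 0.0}

def normal_cdf(z):
    return 0.5 * (1.0 + math.erf(z / math.sqrt(2.0)))

def easi(tasks, p_comm, rft_mean, rel_sd=0.3):
    """Return (P_I, per-task contributions) for one adversary path.

    p_comm   probability the alarm is communicated to the response force
    rft_mean mean response force time in seconds
    rel_sd   assumed standard deviation as a fraction of each mean
    """
    rft_var = (rel_sd * rft_mean) ** 2
    p_undetected = 1.0          # probability no earlier sensor has detected
    contributions = []
    for i, (_, p_det, loc, delay) in enumerate(tasks):
        frac, later = REMAINING[loc], tasks[i + 1:]
        tr_mean = frac * delay + sum(t[3] for t in later)
        tr_var = (rel_sd * frac * delay) ** 2 + sum((rel_sd * t[3]) ** 2 for t in later)
        sd = math.sqrt(tr_var + rft_var)
        # P(response arrives before the adversary finishes | alarm raised here)
        p_arrive = normal_cdf((tr_mean - rft_mean) / sd) if sd else float(tr_mean > rft_mean)
        contributions.append(p_undetected * p_det * p_comm * p_arrive)
        p_undetected *= 1.0 - p_det
    return sum(contributions), contributions

if __name__ == "__main__":
    p_i, parts = easi(TASKS, p_comm=0.95, rft_mean=90)
    for (name, *_), c in zip(TASKS, parts):
        print(f"{name:40s} {c:.3f}")
    print(f"P(interruption) = {p_i:.3f}")
```

Rerunning with a different `rft_mean` or with a sensor moved earlier on the path shows how much each design change buys, which is the kind of comparison a performance-based assessment relies on.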


A Set of Interconnected Models

[Figure: Facility Model, PPS Model, Adversary Model, EASI Model, Scenario Model]


Summary and Conclusion

• A set of interconnected models facilitates modification of information and reduces the time and cost of conducting VA

• This is a step toward model-based VA; future studies will focus on defining a structured procedure independent of a particular case

• Development of standards will further facilitate VA tool development


Thank you!