Integrating threat modeling and automated test case generation into industrialized software security testing

Autoren Stefan Marksteiner
Rudolf Ramler
Hannes Sochor
Editoren
Titel Integrating threat modeling and automated test case generation into industrialized software security testing
Buchtitel Proceedings of the 3rd Central European Cybersecurity Conference (CECC 2019)
Typ in Konferenzband
Verlag ACM
ISBN 978-1-4503-7296-1
DOI 10.1145/3360664.3362698
Monat November
Jahr 2019
Seiten article no. 25
SCCH ID# 19077
Abstract

Industrial Internet of Things (IIoT) application provide a whole new set of possibilities to drive efficiency of industrial production forward. However, with the higher degree of integration among systems, comes a plethora of new threats to the latter, as they are not yet designed to be broadly reachable and interoperable. To mitigate these vast amount of new threats, systematic and automated test methods are necessary. This comprehensiveness can be achieved by thorough threat modeling. In order to automate security test, we present an approach to automate the testing process from threat modeling onward, closing the gap between threat modeling and automated test case generation.