Flexible, Collaborative and Multi-type Ontology-based Security Analysis of Industrial Systems

Florian Patzer
Jürgen Beyerer

Security analysis, such as configuration, compliance, threat and vulnerability analysis or alert interpretation and correlation, is highly complex for (industrial) systems. It therefore requires computational support with a high degree of automation. For such analysis solutions, ontological models have been intensively investigated in research and found to be beneficial. However, scalable automated and ontology-based solutions lack the concepts and methods needed to support a system’s security life cycle and multiple analysis types. Moreover, such solutions currently support neither the individual networking strategies and security policies a corporation defines, nor the exploitation of the knowledge of the security and knowledge engineering communities, which would provide optimizations and sufficient problem coverage. This article presents and discusses an evaluated framework addressing these issues and identifies remaining research gaps. The framework was developed using a separation-of-concerns- and workflow-based approach enabling flexible, interdependent model processing steps, and it is available as open source to be applied and enhanced by the community.
