SIGNAL+DRAHT | Ausgabe 05/2022
Software-supported threat analysis using attack graphs
Threat assessments, including assessments of their impact and probability of occurrence, are necessary in order to determine the requirements within the cybersecurity context. Previous software tools have not been able to adequately depict the complexity of the railway sector. The attack graph methodology supported by an open-source software tool supports IT and OT security risk analysis by displaying the threats and their effects on the asset. The tool aggregates the assessment made in an attribute vector in order to form an overall risk that takes into consideration any established countermeasures and their risk-reducing effect...