Our colleagues from KTH and foreseeti, got another paper published on “coreLang” that provides common assets that are needed for modelling IT environments in their Meta Attack Language. The abstract is as follows:
Cyber-attacks on IT infrastructures can have disastrous con-sequences for individuals, regions, as well as whole nations. In order torespond to these threats, the cyber security assessment of IT infrastruc-tures can foster a higher degree of safety and resilience against cyber-attacks. Therefore, the use of attack simulations based on system ar-chitecture models is proposed. To reduce the effort of creating new at-tack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of theconsidered domain.
Previously, MAL (the Meta Attack Language) was proposed, which servesas a framework to develop DSLs and generate attack graphs for mod-eled infrastructures. In this article, we propose coreLang as a MAL-basedDSL for modeling IT infrastructures and analyzing weaknesses related toknown attacks. To model domain-specific attributes, we studied existingcyber-attacks to develop a comprehensive language, which was iterativelyverified through a series of brainstorming sessions with domain modelers.Finally, this first version of the language was validated against knowncyber-attack scenarios.
Interested in reading more? You can read the pre-print here.