Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Improving IT Architecture Modeling Through Automation: Cyber Security Analysis of Smart Grids
KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering. (Software Systems Architecture and Security Analysis)ORCID iD: 0000-0003-1464-6163
2018 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Contemporary organizations depend on IT to reach their goals but the organizations are constantly adapting to changing market conditions and these changes need to be reflected in the IT architecture. Modeling is often used to manage complex architectures allowing to abstract details and focus on the most important aspects. Metamodels are central to modeling and used as a mechanism for modeling different phenomena and describing evolving designs such as IT architectures. However, it can be difficult to model IT architecture especially in large organizations due to the amount and diversity of systems, software, data, et cetera. Previous studies have found problems with metamodels and the support modeling tools provide to the users. The topics mentioned by numerous authors are lacking cyber security analysis capabilities and the support for automated model creation using enterprise data. These two topics are studied in this thesis with the focus on smart grids. 

The contribution of this thesis is to offer support for IT architecture modeling processes with the following propositions that are described in four papers. The contribution includes a metamodel extension for analyzing insider threats and reachability (Paper A), a framework for automatic modeling (Paper B), a framework for improving semantic accuracy and granularity matching in automatic modeling (Paper C) and a reference model for cyber security analysis of smart grid load balancing (Paper D).

Abstract [sv]

Idag är många verksamheter beroende av IT för att nå sina mål. Organisationer anpassar sig dock ständigt till förändrade marknadsförhållanden och dessa förändringar måste återspeglas i IT-arkitekturen. Modellering används ofta för att hantera komplexa system, då det möjliggör abstraktion av detaljer och fokus på de viktigaste delarna av systemet. Metamodeller är viktiga för modellering och används som ett verktyg för att modellera fenomen för olika IT-arkitekturer. Att modellera IT-arkitekturer kan dock vara svårt, särskilt i stora organisationer med många olika system, program, data osv. Tidigare forskning har funnit problem med metamodeller och verktygsstöd. Ämnen som nämns av många författare är problemen med hotanalyskapacitet och stöd för automatiserad modelluppbyggnad från företagsdata. Dessa två ämnen studeras i denna avhandling med fokus på smarta elnät.

Bidraget i denna avhandling är att erbjuda stöd för IT-arkitekturmodelleringsprocesser med följande förslag som beskrivs i fyra papper. Bidraget innefattar en utvidgad metamodell för att analysera interoperabilitet och tillgänglighet avseende cybersäkerhet (artikel A), ett ramverk för automatisk modellering (artikel B), ett ramverk för förbättring av semantisk noggrannhet och granularitetsmatchning i automatisk modellering (artikel C) och en referensmodell för analys av cybersäkerhet vid lastbalansering av smarta elnät (artikel D).

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2018. , p. 44
Series
TRITA-EECS-AVL ; 2018:63
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
URN: urn:nbn:se:kth:diva-235347ISBN: 978-91-7729-931-8 (print)OAI: oai:DiVA.org:kth-235347DiVA, id: diva2:1250258
Public defence
2018-10-15, F3, Lindstedtsvägen 26, Stockholm, 15:00 (English)
Opponent
Supervisors
Note

QC 20180924

Available from: 2018-09-24 Created: 2018-09-22 Last updated: 2018-10-10Bibliographically approved
List of papers
1. Integrated metamodel for security analysis
Open this publication in new window or tab >>Integrated metamodel for security analysis
2015 (English)In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), IEEE Computer Society, 2015, p. 5192-5200Conference paper, Published paper (Refereed)
Abstract [en]

This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cybersecurity with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cybersecurity modeling and evaluation, (PCySeMoL)-Cy-2, and incorporates several new elements and evaluation rules. The approach improves security analysis by combining two ways of evaluating reachability: one which considers ordinary user activity and another, which considers technically advanced techniques for penetration and attack. It is thus permitting to evaluate security in interoperability terms by revealing attack possibilities of legitimate users. Combined with data import from various sources, like an enterprise architecture data repository, the instantiations of the proposed metamodel allow for a more holistic overview of the threats to the architecture than the previous version. Additional granularity is added to the analysis with the reachability need concept and by enabling the consideration of unavailable and unreliable systems.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015
Series
Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1060-3425
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-181009 (URN)10.1109/HICSS.2015.613 (DOI)000366264105039 ()2-s2.0-84944219720 (Scopus ID)978-1-4799-7367-5 (ISBN)
Conference
48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI
Note

QC 20160126

Available from: 2016-01-26 Created: 2016-01-26 Last updated: 2018-09-22Bibliographically approved
2. A framework for automatic IT architecture modeling: applying truth discovery
Open this publication in new window or tab >>A framework for automatic IT architecture modeling: applying truth discovery
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Modeling IT architecture is a complex, time consuming, and error prone task. However, many systems produce information that can be used in order to automate modeling. Early studies show that this is a feasible approach if we can overcome certain obstacles. Often more than one source is needed in order to cover the data requirements of an IT architecture model and the use of multiple sources means that heterogeneous data needs to be merged. Moreover, the same collection of data might be useful for creating more than one kind of model for decision support.

IT architecture is constantly changing and data sources provide information that can deviate from reality to some degree. There can be problems with varying accuracy (e.g. actuality and coverage), representation (e.g. data syntax and file format), or inconsistent semantics. Thus, integration of heterogeneous data from different sources needs to handle data quality problems of the sources. This can be done by using probabilistic models. In the field of truth discovery, these models have been developed to track data source trustworthiness in order to help solving conflicts while making quality issues manageable for automatic modeling.

We build upon previous research in modeling automation and propose a framework for merging data from multiple sources with a truth discovery algorithm to create multiple IT architecture models. The usefulness of the proposed framework is demonstrated in a study where models using three tools are created, namely; Archi, securiCAD, and EMFTA.

Keywords
IT architecture modeling, System modeling, Automatic data collection, Automatic modeling
National Category
Engineering and Technology Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Information and Communication Technology
Identifiers
urn:nbn:se:kth:diva-235386 (URN)
Note

QC 20180926

Available from: 2018-09-24 Created: 2018-09-24 Last updated: 2018-09-26Bibliographically approved
3. Increasing Precision in IT Architecture Modeling using an Ontology Framework
Open this publication in new window or tab >>Increasing Precision in IT Architecture Modeling using an Ontology Framework
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Modeling is a vital part of IT architecture management. However, it is a complex and resource demanding task. Automation of IT architecture modeling aims to simplify model creation using data already available. The data collected from enterprise systems, however, often lacks context. One reason is that the automated models become less precise in terms of domain knowledge than the ones that an expert human modeler would create. The lack of domain knowledge in modeling automation can be addressed with ontologies. In this paper we introduce an ontology based framework that has been developed to complement heterogeneous data from enterprise systems for the purpose of automatic modeling. The ontology itself is stored as a graph in a graph database. The framework is able to use the captured ontology to standardize software names for merging data across multiple sources, classify software products and vulnerabilities, and to group software names and data flows to adapt the granularity level of the data used in the model. The framework is shown to improve the precision of enterprise data and help to abstract the information to the required level in a case study. Three different data sets from a small scale utility lab, from a water utility control network, and from a university IT environment are analyzed.

Keywords
IT architecture modeling, Ontology framework, Automatic modeling
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Information and Communication Technology
Identifiers
urn:nbn:se:kth:diva-235387 (URN)
Note

QC 20180926

Available from: 2018-09-24 Created: 2018-09-24 Last updated: 2018-09-26Bibliographically approved
4. Load Balancing of Renewable Energy: A Cyber Security Analysis
Open this publication in new window or tab >>Load Balancing of Renewable Energy: A Cyber Security Analysis
Show others...
2018 (English)In: Energy InformaticsArticle in journal (Refereed) Accepted
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-230939 (URN)
Funder
StandUp
Note

QCR 20180620

Available from: 2018-06-18 Created: 2018-06-18 Last updated: 2019-03-05Bibliographically approved

Open Access in DiVA

fulltext(23943 kB)93 downloads
File information
File name FULLTEXT01.pdfFile size 23943 kBChecksum SHA-512
366638d2ea166093b73d601f0abeba509feeef04ea5081dc19d0045530763d84a189d4bf49541ea241657eae468cc0d6a08b05d8364dc61147a2dce08561da75
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Välja, Margus
By organisation
Network and Systems engineering
Other Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 93 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 563 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf