Visible to the public In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis

TitleIn-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis
Publication TypeConference Paper
Year of Publication2017
AuthorsVernotte, A., Johnson, P., Ekstedt, M., Lagerström, R.
Conference Name2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)
Date Publishedoct
KeywordsAnalytical models, Architectural Analysis, architectural cyber security analysis, Attack Graphs, composability, Computer architecture, computer security, cybersecurity analysis, Hardware, hardware components, ICT systems, integrated modelling language, invasive software, Metrics, Operating systems, pubcrawl, pwnPr3d modelling approach, resilience, Resiliency, self-replicating malware, Unix, UNIX operating system, UNIX operating systems

ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level of details. To illustrate this capability, we present in this paper the metamodel of UNIX, operating systems being the core of every software and every IT system. After describing the main UNIX constituents and how they have been modelled, we illustrate how the modelled OS integrates within pwnPr3d's rationale by modelling the spreading of a self-replicating malware inspired by WannaCry.

Citation Keyvernotte_-depth_2017