Mitigating Security Threats through the Use of Security Tactics to Design Secure Cyber-Physical Systems (CPS)

Title: Mitigating Security Threats through the Use of Security Tactics to Design Secure Cyber-Physical Systems (CPS)
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Orellana, Cristian; Villegas, Mónica M.; Astudillo, Hernán
Conference Name: Proceedings of the 13th European Conference on Software Architecture - Volume 2
Date Published: sep
Publisher: Association for Computing Machinery
Conference Location: Paris, France
ISBN Number: 978-1-4503-7142-1
Keywords: architectural tactics, Collaboration, composability, ipv6 security, Metrics, policy-based governance, pubcrawl, quality attributes, resilience, Resiliency, security, security threats, software architecture, STRIDE, Trade-Offs
Abstract: Cyber-Physical Systems (CPS) attract growing interest from architects and attackers, given their potential effect on privacy and safety of ecosystems and users. Architectural tactics have been proposed as a design-time abstraction useful to guide and evaluate systems design decisions that address specific system qualities, but there is little published evidence of how Security Tactics help to mitigate security threats in the context of Cyber-Physical Systems. This article reports the principled derivation of architectural tactics for an actual SCADA-SAP bridge, where security was the key concern; the key inputs were (1) a well-known taxonomy of architectural tactics, and (2) a detailed record of trade-offs among these tactics. The project architects used client-specified quality attributes to identify relevant tactics in the taxonomy, and information on their trade-offs to guide top-level decisions on system global shape. We venture that all architectural tactics taxonomies should be enriched with explicit trade-offs, allowing architects to compare alternative solutions that seem equally good on principle but are not so in practice.
Citation Key: orellana_mitigating_2019