Visible to the public Biblio

Filters: Author is Xiong, Wenjun  [Clear All Filters]
2020-02-26
Xiong, Wenjun, Carlsson, Per, Lagerström, Robert.  2019.  Re-Using Enterprise Architecture Repositories for Agile Threat Modeling. 2019 IEEE 23rd International Enterprise Distributed Object Computing Workshop (EDOCW). :118–127.

Digitization has increased exposure and opened up for more cyber threats and attacks. To proactively handle this issue, enterprise modeling needs to include threat management during the design phase that considers antagonists, attack vectors, and damage domains. Agile methods are commonly adopted to efficiently develop and manage software and systems. This paper proposes to use an enterprise architecture repository to analyze not only shipped components but the overall architecture, to improve the traditional designs represented by legacy systems in the situated IT-landscape. It shows how the hidden structure method (with Design Structure Matrices) can be used to evaluate the enterprise architecture, and how it can contribute to agile development. Our case study uses an architectural descriptive language called ArchiMate for architecture modeling and shows how to predict the ripple effect in a damaging domain if an attacker's malicious components are operating within the network.