Refining a Network Model Concerning Network Security Risk Analysis

Abstract: P²CySeMoL is a framework in which security risks are calculated and presented with a value referring to the probability that an attack will succeed in a system, mainly SCADA systems. This thesis covers the creation of a more granular network module for the P²CySeMoL security riskanalysis framework to better be able to represent a network in concrete modules and to enable security riskanalysis on a network infrastructure at a greater detail. This paper outlines the creation of a network module with the base in the OSI model. It is replicated in a way that the network module is an extension to the P²CySeMoL metamodel, without interfering and restructuring it. It also covers a smaller survey to verify and get feedback about the created module from security and network experts and analysis of the survey. The conclusion is made that the network module is a good base to build upon and reflects to good degree a model needed to do security risk analysis on a network infrastructure and suggestions about further validation and research to improve the module are outlined. This thesis was produced in cooperation with Spotify AB and parts of the team behind P²CySeMoL at the ICS department at KTH.