Automating security processing of Integration flows : Automating input processing for Attack Simulations using Meta Attack Language and Common Vulnerability and Exposures

Abstract: In our ever evolving society security becomes more and more important as a lot of our lives move online. Performing security analysis of IT-systems is a cumbersome process requiring extensive domain knowledge and tailored analysis per system. Research shows that manual tasks are error prone. In this thesis we have implemented an automation of performing security analysis of integration flows, building on an earlier project between KTH and SAP. To perform the analysis Common Vulnerability and Exposure-records containing information about vulnerabilities are connected to relevant parts of the system utilizing Meta Attack Language. The vulnerabilities are weighted according to their impact and then attack simulations are performed in the program SecuriCAD. Automating the input for the attack simulations removes an earlier manual task. Utilizing coreLang which is an implementation of MAL that is generally applicable means that the automated process can be used to perform analysis on integration flows in general. Domain knowledge is still needed to configure the automated process. More work can be done in the future to continue automating further tasks in the process. More work can also be done on visualizing security analysis to make the results more available to a general audience