azureLang: Cyber Threat Modelling in Microsoft Azure cloud computing environment

Abstract: When assessing network systems, security has always been one of the priorities.Cyber threat modelling is one of the most suitable methods. From a startingpoint to each valuable asset, the simulation can enable the users to explore certainsecurity weaknesses alongside the attack path. In the end, the time to compromiseshows the security level of the whole system.In principle, most cyber threat models can be built and simulated by attack graphswhere each point in the graph can stand for a certain asset in the network system.However, different systems have different infrastructures and implementations.As a result, it will be more suitable if engineers can develop a domain specificlanguage (DSL) which can be associated with a specific attack graph in order toimprove accuracy and efficiency.In this master thesis work, the final outcome is azureLang, a cyber threat modelinglanguage based on Meta Attack Language (MAL) for Microsoft Azure cloudcomputing environment. Compatible with securiCAD®, a CAD tool developedby Foreseeti AB, a threat model can be built and then be simulated.