Combining MAL-based DSMLs for multi-domain cyber threat modelling

University essay from Uppsala universitet/Institutionen för informationsteknologi

Author: Johan Apelgren; [2022]

Abstract: The Meta Attack Language (MAL) is a meta language used to define domain-specific modelling languages (DSMLs) for cyber threat modelling. These modelling languages define the objects and properties of a specific domain (say, a cloud service), which can then be used to model real-life systems built in that domain (say, a website hosted in that cloud service). You can then simulate cyber attacks on these models to find vulnerabilities. However, in reality, single-domain systems are very rare, meaning that single-domain simulations often miss vital attack paths. This paper explores how to integrate two single-domain MAL-based languages into a coherent modelling language capable of modelling both domains at once. It finds that in this context the preferred method of integration is extending one language with the objects of the other, which not only allows multi-domain modelling but also reduces code duplication and allows feature inheritance. Additionally, the paper explores how to handle arbitrary combinations of MAL-based languages. It suggests an addition to the MAL syntax to accommodate such combinations, and discusses how to address various corner cases and pitfalls.
