Integrated Metamodel for Security Analysis

This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cybersecurity with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cyber security modeling and evaluation, P²CySeMoL, and incorporates several new elements and evaluation rules. The approach improves security analysis by combining two ways of evaluating reach ability: one which considers ordinary user activity and another, which considers technically advanced techniques for penetration and attack. It is thus permitting to evaluate security in interoperability terms by revealing attack possibilities of legitimate users. Combined with data import from various sources, like an enterprise architecture data repository, the instantiations of the proposed metamodel allow for a more holistic overview of the threats to the architecture than the previous version. Additional granularity is added to the analysis with the reach ability need concept and by enabling the consideration of unavailable and unreliable systems.