A Multidimensional Cyber Threat Scenario Enumeration Model for Resilience Engineering

Abstract

Many frameworks have been proposed for analyzing and enhancing the cyber resilience of systems and missions. Most focus on conducting risk or gap analyses before suggesting mitigations. To apply those frameworks, it is essential to gain knowledge about the threat scenarios against which the risk or resilience is being evaluated. Common approaches to threat enumeration include leveraging threat intelligence or identifying sequential actions from threat models that are mainly developed from databases of past threat events. Such approaches either lack comprehensiveness or are too granular to produce a manageable scale of threat action combinatorics when identifying potential cyber threat scenarios for engineering a resilient mission or system. This article suggests a threat scenario characterization and enumeration approach that does not rely on intelligence or past threat databases and allows for tailored abstraction of threat scenarios to inform mitigation strategy decisions and facilitate cybersecurity and resilience engineering.