Politecnico di Torino (logo)

Analisi ibrida delle minacce = Hybrid Threat Analysis

Enzo Maria Bisceglia

Analisi ibrida delle minacce = Hybrid Threat Analysis.

Rel. Riccardo Sisto, Fulvio Valenza. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2021

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (4MB) | Preview

Nowadays, cyber-physical systems are ubiquitous and present in most of our everyday life. Their usage is spread over many applications, like industrial control systems, modern buildings, and critical infrastructures. Recently such systems are becoming more interconnected and smart, by means of the Internet of Things (IoT) concept, making them accessible through both physical and remote connections. Furthermore, end users can configure and customize their own systems, but this flexibility generally implies an unaware sharing of private data over the underlying IoT. The attack surface is thus much wider and more heterogeneous. Determining the potential threats in these smart systems and to provide an adequate amount of protection becomes a very complex and hard process. Generally, threat analysis covers partially the attack surface, because it does not consider the possible relationships among physical access, remote connections and human interactions, which may lead to unknown vulnerabilities. The next phase of risk mitigation is conducted to lower the risk of the most highly impacted threats only. This approach, besides being cumbersome and time-consuming, lacks a comprehensive view of the system behavior. It results, as such, error-prone, and it can make the overall system security significantly hard to maintain. The objective of the thesis is to define and implement a framework able to analyze any connections (physical or remote) and human-system interactions that may lead to a vulnerability, which is a task that the existing approaches cannot do.

Relators: Riccardo Sisto, Fulvio Valenza
Academic year: 2021/22
Publication type: Electronic
Number of Pages: 72
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: Politecnico di Torino
URI: http://webthesis.biblio.polito.it/id/eprint/20538
Modify record (reserved for operators) Modify record (reserved for operators)