Enhanced Security Testbed Threat Model Based on Parametric Equation and Multi-Level Design Approach

Abstract

The threat model of a security testbed provides quantitative and qualitative conceptual insights into robustness of the developed testbed. Security of any digitally designed system is not guaranteed until an appropriate modelling and assessment of threat is carried out and proper mitigation is iteratively done. Several existing techniques could not handle the complexities, multi-dimensionality and layered nature inherent in threat modelling of multi-layered systems. Most approaches focus on a single level of data communication. This article aims to develop a threat model that considers different levels and dimensions of data communications over a network architecture. Parametric-based equation and data flow diagrams were used in the modelling. The model was iteratively assessed and evaluated to ensure conformity with pre-defined security requirement for the testbed.