Multiscale modeling of PECVD generated Silicon films ... - Lammps

Figure 12 - Example Attack Tree for VPN partner connectionThe attack tree in Figure 12 is a horizontal tree that adheres to the guidelines discussed in the previoustree’s description. In this tree, the grey nodes are the conditional nodes of the tree, the red nodes areresultant conditions, green nodes are security controls and the orange nodes are threat actors/attackagents. This tree is shown as a comparison to the tree in Figure 11 – to illustrate the flexibility andcreativity possible with attack trees.Threat ProfilesFor the purposes of this paper, a threat profile is defined as a tabular summary of threats, attacks andrelated characteristics. The tabular format allows for a large degree of flexibility in terms of the columnsand rows selected for each profile. Threat profiles are an excellent tool for communicating the results ofcompleted threat models and/or attack trees. They also allow for consolidation, sorting, pivoting and othercommon data manipulation functions. Providing detailed descriptions of both the cause and effect ofthreats and attack vectors is an ideal use case for threat profiles.For comparison, some assessment practices use the term threat profile to describe a decomposition that ismuch more analogous to an attack tree [5], while others are more congruent with the description providedin this paper [13]. More recently, the term threat profile has been used in the development of cyber threatintelligence.Table 2 presents a generic threat profile template. Table 3, along with Listing 1, and Table 4 illustratecase study threat profiles. The differences in scope and applicability between Tables 3 and 4 are describedas follows: Table 3 is a more granular profile and Table 4 is an example of a large-scale, detailed analysispresented as a summarized and aggregate data set. These two examples demonstrate the flexibility andscalability of threat profiles.© Lockheed Martin Corporation19