Toward Better Use of Cyber Threat Models in Defence Environments

Abstract

Threat modelling in cybersecurity is a systematic process for identifying, analysing, and prioritising threats in a system. However, it is a highly challenging task in the defence sector, since military capabilities present a broad attack surface. This problem is compounded by the widespread use of civilian threat models, designed for specific systems or security aspects, in the defence sector, which often lack the breadth required to analyse military capabilities. In this paper, we identify gaps in state-of-the-art threat models in their ability to represent threats in the defence sector, using TEPIDOIL, a framework that captures the components required to maintain effective defence capabilities. We then present a novel framework called Universal Defence Framework, and demonstrate, through a case study and evaluation, that it enables the use of existing (civilian) threat models in the defence sector and addresses the identified gaps. Our evaluation showed that integrating threat models into our framework provides the broader view required to analyse threats in complex, integrated systems, as typically found in the defence sector.