STRIDE-based Threat Modeling for Cyber-Physical Systems

Research output: Chapter in Book/Report/Conference proceedingConference contribution

51 Citations (Scopus)
6185 Downloads (Pure)


Critical infrastructures and industrial control systems are complex Cyber-Physical Systems (CPS). To ensure reliable operations of such systems, comprehensive threat modeling during system design and validation is of paramount significance. Previous works in literature mostly focus on safety, risks and hazards in CPS but lack effective threat modeling necessary to eliminate cyber vulnerabilities. Further, impact of cyber attacks on physical processes is not fully understood. This paper presents a comprehensive threat modeling framework for CPS using STRIDE, a systematic approach for ensuring system security at the component level. This paper first devises a feasible and effective methodology for applying STRIDE and then demonstrates it against a real synchrophasor-based synchronous islanding testbed in the laboratory. It investigates (i) what threat types could emerge in each system component based on the security properties lacking, and (ii) how a vulnerability in a system component risks the entire system security. The paper identifies that STRIDE is a light-weight and effective threat modeling methodology for CPS that simplifies the task for security analysts to identify vulnerabilities and plan appropriate component level security measures at the system design stage.
Original languageEnglish
Title of host publication2017 IEEE PES: Innovative Smart Grid Technologies Conference Europe (ISGT-Europe): Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages6
ISBN (Electronic)978-1-5386-1953-7
ISBN (Print)978-1-5386-1954-4
Publication statusPublished - 18 Jan 2018
EventIEEE International Conference on Innovative Smart Grid Technologies - Turin, Italy
Duration: 26 Sep 201729 Sep 2017


ConferenceIEEE International Conference on Innovative Smart Grid Technologies
Abbreviated titleIEEE ISGT Europe 2017
Internet address


  • Smart Grid
  • Synchrophasor
  • cyber attacks
  • Cyber defence
  • Cyber Security
  • Threat Modeling
  • Microgrid
  • power system
  • Monitoring


Dive into the research topics of 'STRIDE-based Threat Modeling for Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this