AMI-SEC Risk Assessment & System Requirements



Date: 28.10.2017

Download Threats


Download threats are those threats that directly involve the download source interface. The specific threats are listed below in Table 8.

Table 8. Download Threats

| Threat Name | Severity | Likelihood | Description |
|---|---|---|---|
| T.Download.1 | Medium | Unusual | An entity performs a denial of service attack that prevents the Download service asset from being able to download. This may lead to failure of a critical upgrade and continued exploitation of a weakness. |
| T.Download.2 | High | Unusual | An AMI entity with access to the Software Download service asset provides faulty software/configuration information to the AMI component resource asset. |
| T.Download.3 | Low | Likely | An AMI entity with proper access to the Download service asset loads software/configuration into an AMI component resource asset out of sequence. |
| T.Download.4 | Low | Likely | An AMI entity with access to the Download Software service asset loads software/configuration into the wrong AMI component resource asset. |
| T.Download.5 | Medium | Unusual | A non-AMI entity without access to the Download Software service asset replays download messages to cause a denial of service. |



Eavesdropping Threats


Eavesdropping threats are those threats that involve network or communication eavesdropping. The specific threats are listed below in Table 9.

Table 9. Eavesdropping Threats

| Threat Name | Severity | Likelihood | Description |
|---|---|---|---|
| T.Eavesdrop.Apps.1 | Medium | Unlikely | An entity eavesdrops on the Applications Interface (e.g., via a logger process) in an attempt to read policy, information content, or information attributes information assets. |
| T.Eavesdrop.Comm.1 | Medium | Likely | An entity eavesdrops on the Backhaul network in an attempt to read an information asset (e.g., in order to receive covert channel communications or perform traffic analysis). |
| T.Eavesdrop.Comm.2 | Medium | Likely | An AMI entity eavesdrops on the AMI Virtual Network in an attempt to read an information asset (e.g., in order to receive covert channel communications or perform traffic analysis). |
| T.Eavesdrop.Comm.3 | Low | Likely | An entity eavesdrops on the Policy Authority Interface in an attempt to read a policy, policy mechanism, or traffic flow information asset. |
| T.Eavesdrop.Comm.4 | Medium | Likely | An entity eavesdrops on the AMI Systems Interface in an attempt to read information content, information attributes, policy, policy mechanism, or traffic flow information assets. |
| T.Eavesdrop.Comm.5 | Medium | Likely | An entity eavesdrops on the non-AMI Systems Interface in an attempt to read information content, information attributes, or traffic flow information assets. |
| T.Eavesdrop.Comm.6 | Low | Unlikely | An entity eavesdrops on the Download Source Interface in an attempt to diagnose AMI configuration and derive attacks on other AMI systems that weren’t upgraded yet. |
| T.Eavesdrop.Comm.7 | High | Likely | An entity eavesdrops on the Key Management Systems Interface in an attempt to read policy, policy mechanisms, or traffic flow information assets. |
| T.Eavesdrop.HMI.1 | Medium | Likely | An entity eavesdrops on the Users Interface (e.g., via a camera or a tap in the monitor cable) in an attempt to read policy, information content, or information attributes information assets. |
| T.Eavesdrop.HMI.2 | Medium | Likely | A valid AMI user leaves the workstation unattended, does not log out, and leaves the AMI Token in the workstation. An entity sits at the unattended workstation and improperly accesses information assets. |
| T.Eavesdrop.HMI.3 | Low | Unlikely | An entity sits at the unattended, inactive workstation, and attempts to access information assets. |
| T.Eavesdrop.HMI.4 | Medium | Likely | An entity eavesdrops on the Users Interface because an authorized user viewed information assets in an unauthorized area. |



