US 12,386,969 B2
Method for checking the security of a technical unit
Peter Priller, Gratwein-Straßengel (AT); and Stefan Marksteiner, Vasoldsberg (AT)
Assigned to AVL LIST GMBH, Graz (AT)
Appl. No. 17/618,848
Filed by AVL LIST GMBH, Graz (AT)
PCT Filed Jun. 9, 2020, PCT No. PCT/AT2020/060234
§ 371(c)(1), (2) Date Dec. 13, 2021,
PCT Pub. No. WO2020/247993, PCT Pub. Date Dec. 17, 2020.
Claims priority of application No. A 50536/2019 (AT), filed on Jun. 14, 2019.
Prior Publication US 2022/0245260 A1, Aug. 4, 2022
Int. Cl. G06F 21/57 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 2221/034 (2013.01)]
11 Claims
 
1. Method for checking the security of a technical unit, the technical unit comprising at least one data transmission device and a multitude of components being capable of data communication via the data transmission device wherein at least one first plausible model variant is determined from an initial instance of a configuration model of the technical unit by specification processes, wherein each configuration model and each model variant corresponds to a systematic representation of the configuration of the technical unit, wherein the first plausible model variant corresponds to a certainty condition, wherein the certainty condition establishes that an instance of the model is sufficiently certain to allow a security check to be carried out within a specified time, wherein the method is carried out on a test computer system and wherein the method comprises the following steps:
assigning known vulnerabilities to components of the model variants;
defining an attack aim by selecting the attack aim from a list of attack aims to be processed;
determining at least one attack model, based on the attack aim, for the model variants;
weighting the nodes of the attack model with respect to at least one evaluation variable;
determining an evaluation of at least one test vector of the attack model with respect to the evaluation variable;
determining a security value as the pessimal value of all evaluations; and
issuing a security confirmation if the security value corresponds to a security criterion.