🤖 AI Summary
This study addresses the challenge of performing precise quantitative security assessments for Internet of Things (IoT) systems, which is hindered by architectural heterogeneity, dynamically evolving threats, and the lack of reliable exploitability probability data. To overcome these limitations, the authors propose an integrated approach that combines Model-Based Systems Engineering (MBSE), attack trees, and empirical vulnerability intelligence. Specifically, attack trees are automatically generated from SysML architectural models, enriched with exploitability probabilities derived from the Exploit Prediction Scoring System (EPSS), and embedded within a Bayesian network to enable probabilistic reasoning. This methodology uniquely bridges architecture-driven modeling with real-world vulnerability data, enabling quantitative computation of system compromise likelihood, identification of critical vulnerabilities, root-cause diagnosis of potential attacks, and prioritization of mitigation strategies—thereby significantly enhancing the rigor, reproducibility, and operational utility of IoT risk assessments.
📝 Abstract
The Internet of Things (IoT) is integral to modern cyber-physical systems. Quantitative cybersecurity assessment in IoT environments remains challenging due to heterogeneous system architectures, evolving threat landscapes, and the limited availability of reliable probabilistic exploitability data. Although Attack Tree Analysis (ATA) provides a structured framework for modelling potential attack paths leading to system compromise, conventional ATA quantification often relies on subjective expert judgement or heuristic scoring schemes, which can introduce uncertainty and reduce analytical reproducibility. This study introduces a data-driven probabilistic security framework for IoT-based safety-critical systems by integrating Model-Based Systems Engineering (MBSE), ATA, and empirical vulnerability data. In the proposed framework, SysML models capture system architecture, from which attack trees are derived. Vulnerabilities are mapped as Basic Attack Steps and assigned exploitation probabilities using the Exploit Prediction Scoring System (EPSS). The attack tree is then represented as a Bayesian Network, enabling probabilistic reasoning, diagnostic inference, and vulnerability criticality analysis. The framework quantifies system compromise probabilities, identifies likely causes of attacks, and prioritises mitigation strategies. By combining architecture-driven modelling with real-world vulnerability intelligence, it provides a rigorous, reproducible approach for cybersecurity risk assessment in complex IoT environments.