Empty Banner

Threat-driven security testing
and proactive DEFense identification for EDGE-cloud systems

WP4 - Threat-driven security testing

WP4 has the goal to define a process to automatically generate and execute a list of concrete attacks from system and threat models to conduct and effective yet low-cost penetration testing

  • T4.1 Analyzing attacks, their formalization and execution (M1-M6): review of (i) Attack Patterns, Techniques, Tactics and Tools, (ii) Existing Knowledge Bases, (iii) descriptive languages for attacks and testing plans and (iv) Security Testing plan completeness
  • T4.2 Design and Development of an Expert System for Threat, Asset and Attacks Automated Mapping (M6-M18): specification of the format of the Threat-Attack-Asset knowledge base, mapping attacks onto edge-cloud assets and properties and related threats and its population
  • T4.3 Design and Development of an Expert System for Penetration Testing Planning Automation (M6-M18) 
  • T4.4 Design and Development of a System for Penetration Testing Execution Automation (M6-M18)

Privacy

Contacts

PI Email: alessandra[.]debenedictis[at]unina[.]it

Substitute PI Email: antonio[.]pecchia[at]unisannio[.]it