Extended eTVRA vs. security checklist: Experiences in a value-web

Security evaluation according to ISO 15408 (Common Criteria) is a resource- and time-demanding activity, and a costly one. For this reason, only a few companies take their products through a Common Criteria evaluation. To support security evaluation, the European Telecommunications Standards Institute (ETSI) has developed a threat, vulnerability and risk analysis (eTVRA) method for the telecommunications (Telco) domain. eTVRA builds on the security risk management methodology CORAS and is structured so that its output can be fed directly into a Common Criteria security evaluation. In this paper, we evaluate the time and resource efficiency of parts of eTVRA, and the quality of the results it produces, compared to a more pragmatic approach (Protection Profile-based checklists). We use both approaches to identify and analyze the risks of a new SIM card currently under joint development by a small hardware company and a large Telco provider.
