Assignment Sample on APPLYING STRIDE THREAT MODELING AND DATA SCIENCE TECHNIQUES TO ENSURE UAM NETWORK INTEGRITY

1.0 Chapter 1 – Introduction.

1.1 Introduction.

The main importance of threat modelling is to help the organizations in measuring the risks as well as vulnerabilities in ensuring the attention which are needed to look after the resources so as to minimize the threats in a systematic way. Thus threat modelling helps different organizations in clearly identifying, communicating, enumerating, understanding and to mitigate the threats as well as to protect the resources of the company. However, it also helps in prioritizing the lists which includes improvement of the security. Therefore, the threat modelling generally occurs while executing the plans, design and implementation. STRIDE network model is used in the determination of the security threats on an computer which is widely categorized into six distinct parts, which helps in attaining the overall security to the system in challenging the threats by reducing the spatial resolution that leads to computational benefits and also helps in the reduction of the overlays which occurs in each respective fields. “Urban Air Mobility” i.e. UAM network integrity helps in providing the feel of safety and reliability in transporting the necessary products in urban and rural areas by the help of drones and air taxis. Which provides many problems which are associated in delivering the necessary products into the rural areas which raises the risks on environmental impacts, noise and security. This research paper consists of the importance of data which is an integrated part of human life which are to be protected in ensuring the privacy as well as the threats which are associated in losing the essential credentials which is protected by the implementation of the STRIDE model which helps in identifying the vulnerabilities which are installed in the air taxi system or drone delivery system which are discussed in this research paper.

1.2 Research Aim.

The main aim of this project is to apply the STRIDE threat model in the UAM network to check the integrity of the network (Riddick 2020). The focus is made especially on the taxi or drone delivery systems. Various data science methods will be used to analyze the problems and the mitigation techniques will be discussed in detail.

1.3 Research Objective.

The objectives of this project are as follows:

• To understand the modeling process of STRIDE.
• To understand data science technologies that can improve the integrity of the network.
• To understand the UAM network integrity process.
• To apply STRIDE threat models on the UAM drone delivery network.
• To identify the vulnerabilities of the network.
• To understand the challenges of UAM network integrity.
• To determine the mitigation techniques of network security.

1.4 Research Significance.

This research paper highlights the application of the STRIDE model into an UAM network for checking the integrity of the network in reducing the threats which are being faced by this framework. However, this research study helps in understanding about the threats which are associated with this complete system in achieving the desired results so as to carry forward the operations which are to be done mainly by the STRIDE model in reducing the security risks in six distinct parts (Thombre and Agarwal 2021). This research paper completely focuses on the taxi and drone delivery system where various data science models are analyzed in resolving the problems and thus the mitigation techniques are discussed in detail. Therefore the enthralling purpose of this research study is to determine as well as analyze the problems which are being associated with the air taxi system or drone delivery system.

1.5 Research Framework.

Figure 1: Research Framework.

(Source: draw.io)

2.0 Chapter 2 – Literature Review.

2.1 Introduction.

This chapter i.e. literature review helps in providing the detailed insight into the problems as well as critical aspects which are completely associated with the research study. This chapter consists of different reviews which are associated with the research topic in getting concise knowledge on the research paper.

2.2 Empirical Study.

This section will provide the different distinct researchers which are being created by the researchers globally on implementing STRIDE method as well as different data science techniques in advancing the overall security from the threats which disrupts the complete framework. This research paper mainly focuses on the critical areas of the given research work which are to be identified and are as follows

According to Glaudel 2021, model based engineering approach in “e-VTOL aerospace and aircraft design of infrastructure for UAM” has been discussed by the author in his research paper. The research paper mainly contributes towards the MBSE i.e. “Model Based System Engineering” which critically follows the handbook which has been provided by NASA in making a specific approach towards designing of the System Engineering. The main focus which led the author to conduct this research paper was mainly from the MBSE model which was mainly created for the capturing of the technical requirements which are required in deriving the proper specific knowledge on “Federal Aviation Administration” i.e. FAA. This has been modelled by using the MBSE model which helps in demonstrating the traceability in between the low level as well as top level traceability of the platform which has been widely used by the SYSML. Which resulted in making the conclusive study which has been made in between the behavioral relationships where the analysis as well as the validation of the proposed design helps in supporting the reliability of the models.

According to Cho 2020, modelling threat on smart greenhouse has been discussed by the author in the research paper. “Information and communication technology” i.e. ICT has been successfully introduced into the agricultural industry and has significantly reduced the traditional methods which were widely used by the farmers in cultivating the crops. This has raised the firm’s intelligence and has expanded the entire process from delivering good quality seeds to the distribution of the logistics. Therefore the incidents which are created by the cybersecurity incidents or the cybercrimes in the farming generally damages the crops and harms the human safety. Researchers have been researching on this aspect for a long time which systematically constitutes towards the proper identification as well as classifying these levels of threats. STRIDE model which is widely used in the determination of the cyber threats in greenhouse makes system design more concise. The researchers have derived more than 125 threats and also have created 4 major types of attack trees which will be the basis of allowing the classification of the systematic threats in a smart greenhouse.

According to Rao 2020, overall perspective in establishing end security to the IOT has been discussed by the author in his research paper. The research paper states about the usefulness of IOT which has benefited the organizations in bringing or easing the tasks. “Information and Communication” i.e. ICT has been applicable into the small devices (telecom) which can be achieved at an affordable rate so as to access the internet. Huge data technology has enabled the business to ease their daily tasks in keeping all the necessary items in a data format to the internet and which can be achieved by the business anytime and anywhere. This IOT have been evolved from the time in delivering the essential requirements which are needed to ease everyday life which have significantly allowed the organizations in creating the useful remedies in facing the different scenarios in various fields. Thus IOT also enhances the integration of the technological disciplines which includes automation and sensing information within the organizational resource data.

According to McCarthy 2020, the fundamental elements of UAM have been discussed by the author in his respective research paper. The “Urban Airspace Environments” helps in providing the new opportunities for delivering the drone services into a rapidly growing large market which critically includes gathering of the crucial information, delivering of the products and services like air taxi. The main key challenge which it faces are from the modelling of the airspace environments into an densely populated spaces which are ongoing their process of development into an densely populated urban spaces which are carrying out their daily services in meeting their targets. However, this research paper explores in checking of the background of the UTM i.e. Urban-unmanned traffic management which examines initiatives like UTM i.e. unmanned air traffic systems. Therefore the main body of the paper describes about the initial research outputs which are then used by the research and development teams in approaching airspace modelling and significantly managing the traffic platforms for maintaining as well as operating the drones into urban environments.  Therefore these approaches critically includes to the certification of the drones in executing its operations into the urban areas and also enhances in making a significant approach towards the development of the traffic management system in order to reduce the threats by implementing STRIDE model along with different data collection methods in reducing the external threats which can damage the overall framework. Therefore it can be concluded as an implementing UTM can enhance the overall performance of the managing traffic which will provide an ease to deal with the operations.

2.3 Literature Gap.

In spite of having enough information which are required while conducting this research paper also have been received certain drawbacks and limitations which have blocked in attaining the necessary details which are required in completing this research work. The major limitations which came from the assumptions in attaining the total security which are to be fulfilled by the STRIDE model as well as different data science techniques in executing the air taxi services and drone delivery services by the help of UAM network (Novokhrestov et al. 2020). Thus this model has shown a significant simulation structure in a position which completely meets the expectation of all the limitations which are to be accessible by using holistic methods. One more limitation which comes directly are from the limitations which includes delay aspects and reliability.  The other limitations which arise are from implementations of heterogeneous and diverse networks which are applied into the IOT. One more limitation arises from addressing the operational and security limitations of the keys (physical) and thus enabling the correct use of cases by the help of time sensitive, controlled access and remotely monitored in timely delivery of the assured products to the clients. The other limitations are of not considering the multiple levels which requires QOS and this research paper also not fulfills the issues which are being related to the convergence rates and running time.

3.0 Chapter 3 – Methodology.

3.1 Introduction.

In this chapter the methodology part it critically discusses the procedures which are being required in the entire research section, which mainly comprises the different procedural techniques which are adopted at all stages of the research. Thus this chapter highlights the different stages which are to be involved in the strategic planning of the research process which require different procedures in acquiring all the necessary data’s which are required in the research paper. Moreover this section of the research paper consists of all the associated areas which are critically involved in conducting this research paper (Khan 2017). Thus this section will help in acquiring the knowledge which has been discussed in this section comprises the details from the data collection methods and proper analysis which are required in completing this research work.

3.2 Research Design.

This section consists to meet the objectives which are being set to complete the entire research work in keeping all the points which are to be met in accordance. Therefore STRIDE model stands for the six distinct threat models which are in different categories which critically includes “Spoofing identity, tampering with the data, repudiation threats and information disclosures, denial of services and elevation of the privileges”. This model is basically used in the determination of the threats in the primary stage of the development of the applications or a system (Verheyden 2018). Proactive process is being used in the determining the potential threats where all the entire process is used in the determination of the errors which critically follows the next step which includes finding the risks so as the system has been implemented in reducing the gaps which are mainly done by taking huge actions.

Figure 2: STRIDE threat networking.

(Source: developer.ibm.net/articles/threat-modeling-microservices-openshift-4/)

Data integrity plays a vital role in the success of a company or a business which generally deals with the laboratory or any institution which deals with the generation as well as manipulation or procuring of the data’s. Therefore the integrity of the data’s mainly refers to the different aspects which include consistency, completeness, validity and accuracy of the assigned data. However, the data’s are recorded as per the use and need of the users in attaining all the necessary things which are required in the future usage (Krishnan 2017). These data integration have shown a significant rapid increase over the decades which enables the users in making correct analysis from the data’s.

UAM network integrating process mainly concerns about the operations which are mainly done by the “manned and unmanned aircrafts” in an urban areas, which provides intelligent transportation system which are having intelligent transportation system in the aviation industry as well as in the self-driving cars which are mainly run on the streets of the cities in ensuring strong connectivity to the system to make a powerful impacts in the human life.

STRIDE threat model has been widely used into the process so as to sustain the overall threats which are being achieved in sustaining the process (Kavallierato et al. 2019). This model helps in analyzing the risks and also warns the users if it achieves some risks towards the system i.e. “Unmanned Aerial System” UAS by the help of drones and GPS which tools overall control of the entire process.

Figure 3: Urban Air Mobility.

(Source: unitingaviation.net/news/safety)

The vulnerabilities which are being achieved by the network security are mainly from the weaknesses or the flaws which are present within the software system, organizational processes and hardware’s. However, there are two types of network vulnerabilities present which are composed of physical and nonphysical. Physical means the things in which the entire system is made up of and nonphysical consists of weaknesses which refers to the data and software’s.

The mitigation techniques which are being used in the network security are mainly from the detection of the associated risks as well as implementing a protecting strategy which helps in safeguarding networks as well as the servers and applications by the “information technology administrators” (Eng, D 2017). This process critically includes six steps such as conducting a risk assessment tool in examining the vulnerabilities, establishing strong network access controls, installing antivirus software’s and firewalls, creation as well as scheduling of a good patch management, timely monitoring of the network traffic and building an incident response plan. These are the six major steps which comprise the vulnerabilities of the network security.

3.3 Data Collection Methods.

This research paper consists of secondary data analysis methods which are being used in completing this research work. The data’s as well as the crucial information about the concerned topic has been obtained from the different scholar journals, newspaper articles, websites and different blogs which have been written by the authors (Abeyratne et al. 2020). These secondary data analysis processes helped in completing the overall process which is made to be fulfilled in this research work.

4.0 Chapter 4 – Ethical Considerations.

There are various stages which are kept in consideration while conducting this research work which completely follows the different ethics and values which are required in abiding the procedures as well as the standards in performing this certain research work (Bernsmed and Jaatun 2019). This entire research work has been effectively includes all the ethical considerations below which are as follows

• While conducting this research work all the research procedures are being chosen as strategies which are done in a systematic way so as to collect the essential data’s which are being required in making huge analysis which completely meets all the standards and policies in the execution of the entire research process.
• Huge journals have been studied from different sources which are attained in a systematic manner without harming the entire system for acquiring the knowledge about the topic which helped in completing the research project.
• This research work has been made with keeping all the confidentiality standards as well as privacy policies in keeping all the essential data which are required in completing the entire research work.
• Special emphasis has been made while executing this research work so as to not harm any community or the environment while executing this entire research work.
• This research work also made a special consideration on restricting any discriminations in the society as well as the community.
• This research work has been conducted with the correct information which are being available while doing secondary research analysis and special care has been made to avoid any kind of manipulation of the data or the things which are being obtained from the secondary research analysis to complete this entire research work.

5.0 Chapter 5 – Time Plan.

Figure 4: Gantt Chart.

(Source: Project Libre)

6.0 Chapter 6 – References.

Reference List

Journal

Abasi-Amefon, O., MATULEVI ˇCIUS, R. and Nolte, A., 2020. Security risk management in e-commerce systems: a threat-driven approach. Baltic Journal of Modern Computing.

Abeyratne, A., Samarage, C., Dahanayake, B., Wijesiriwardana, C. and Wimalaratne, P., 2020. A security specific knowledge modelling approach for secure software engineering.

Bernsmed, K. and Jaatun, M.G., 2019, June. Threat modelling and agile software development: Identified practice in four Norwegian organisations. In 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) (pp. 1-8). IEEE.

Cho, S.H., Kang, D.S., Kang, M.S., Kim, H.S., Bae, J.W., Lee, C.I., Ji, H.B., Won, Y.H., Hong, H.K. and Kim, K., 2020. A Study on Threat Modeling in Smart Greenhouses. Journal of Information Security and Cybercrimes Research, 3(1), pp.1-12.

Eng, D., 2017. Integrated Threat Modelling (Master’s thesis).

Glaudel, H.S., 2021. A Model-Based Systems Engineering Approach to e-VTOL Aircraft and Airspace Infrastructure Design for Urban Air Mobility.

Hagan, M., Siddiqui, F. and Sezer, S., 2018, September. Policy-based security modelling and enforcement approach for emerging embedded architectures. In 2018 31st IEEE International System-on-Chip Conference (SOCC) (pp. 84-89). IEEE.

Kavallieratos, G., Gkioulos, V. and Katsikas, S.K., 2019, May. Threat analysis in dynamic environments: The case of the smart home. In 2019 15th international conference on distributed computing in sensor systems (DCOSS) (pp. 234-240). IEEE.

Khan, S.A., 2017. Fuzzy STRIDE model based on werners aggregation operator for computer network threat modelling. International Journal of Computing and Digital Systems, 6(02), pp.83-88.

Krishnan, S., 2017. A hybrid approach to threat modelling.

McCarthy, T., Pforte, L. and Burke, R., 2020. Fundamental elements of an urban UTM. Aerospace, 7(7), p.85.

Novokhrestov, A., Konev, A., Shelupanov, A. and Buymov, A., 2020, March. Computer network threat modelling. In Journal of Physics: Conference Series (Vol. 1488, No. 1, p. 012002). IOP Publishing.

Rao, V., Prema, K.V. and Rao, S.S., 2020. An Overall Perspective on Establishing End-to-End Security in Enterprise IoT (E-IoT). In Business Intelligence for Enterprise Internet of Things (pp. 81-97). Springer, Cham.

Riddick, S.E., 2020. An Overview of NASA’s Learn-to-Fly Technology Development. In AIAA SciTech 2020 Forum (p. 0760).

Thombre, A. and Agarwal, A., 2021. A paradigm shift in urban mobility: policy insights from travel before and after COVID-19 to seize the opportunity. Transport Policy.

Vasenev, A., Stahl, F., Hamazaryan, H., Ma, Z., Shan, L., Kemmerich, J. and Loiseaux, C., 2019, May. Practical Security and Privacy Threat Analysis in the Automotive Domain: Long Term Support Scenario for Over-the-Air Updates. In VEHITS (pp. 550-555).

Verheyden, L., 2018. Effectiveness of threat modelling tools (Doctoral dissertation, Master thesis).

Winsen, S., 2017. Threat modelling for future vehicles: on identifying and analysing threats for future autonomous and connected vehicles (Master’s thesis, University of Twente).