ANSYS medini analyze for Cybersecurity
ANSYS medini analyze for Cybersecurity implements key security analysis methods all in one integrated tool:
- Context establishment by modeling the target of evaluation (TOE)
- Asset and threat identification
- Threat assessment and treatment
- Evaluation of attack scenarios by modeling attack trees
medini analyze for Cybersecurity supports the efficient and consistent execution of security-related activities required by applicable standards. It is well-integrated with other engineering tools and enables model-based security analysis using standards like SysML.
medini analyze for Cybersecurity is key in the development of security-critical electrical and electronic (E/E) and software-controlled systems in the automotive domain. It is specifically tailored to domain-specific standards, like SAE J3061, HEAVENS and the upcoming ISO 21434. It can be used throughout the product design process, from the early concept phase to full system design.
ANSYS medini analyze for Cybersecurity includes the most advanced analysis methods bundled in a model-based environment:
- Model-based, integrated tools supporting analysis context establishment, asset identification, threat identification, attack trees, and threat assessment and treatment
- Cybersecurity analysis and design of cybersecurity-related functions and systems according to standards like SAE J3061, HEAVENS and the upcoming ISO 21434
- Integration of architectural/functional design models with cybersecurity analysis methods
- Capture and management of cybersecurity requirements
- Support of complete end-to-end traceability
- Customizable work product/document generation
- Detailed compare and merge for seamless teamwork
- Integration with IBM Rational DOORS, PTC Integrity, Jama, MS Office, SVN and others
Analysis Context Establishment and Asset Identification
ANSYS medini analyze for Cybersecurity helps you to model the system architecture of the target of evaluation (TOE), along with the functions and processes that represent activities and actions. You can then allocate resources, identify assets and assign security attributes to them.
By automatically collecting threat data and mapping them to STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service and Elevation of privilege) categories, medini analyze for Cybersecurity identifies potential threats and estimates their security implications.
Attack Trees and Attack Collections
Compiling multiple potential attack routes into attack trees can be demanding if done manually. medini analyze for Cybersecurity can perform attack tree layout automatically; model events in terms of attacks, threats and vulnerabilities; and compile attack trees into attack collections.
Teamwork and Integrated Task Management
To be effective, the results of your threat analyses must be available to personnel in all disciplines in your organization. medini analyze for Cybersecurity merges projects for team collaboration, documents all decisions, and helps you manage the whole project through its scheduling function.