Share:

ANSYS medini analyze for Cybersecurity

ANSYS medini analyze for Cybersecurity implements key security analysis methods all in one integrated tool:

  • Context establishment by modeling the target of evaluation (TOE)
  • Asset and threat identification
  • Threat assessment and treatment
  • Evaluation of attack scenarios by modeling attack trees

medini analyze for Cybersecurity supports the efficient and consistent execution of security-related activities required by applicable standards. It is well-integrated with other engineering tools and enables model-based security analysis using standards like SysML.

Applications

medini analyze for Cybersecurity is key in the development of security-critical electrical and electronic (E/E) and software-controlled systems in the automotive domain. It is specifically tailored to domain-specific standards, like SAE J3061, HEAVENS and the upcoming ISO 21434. It can be used throughout the product design process, from the early concept phase to full system design.

Features

ANSYS medini analyze for Cybersecurity includes the most advanced analysis methods bundled in a model-based environment:

  • Model-based, integrated tools supporting analysis context establishment, asset identification, threat identification, attack trees, and threat assessment and treatment
  • Cybersecurity analysis and design of cybersecurity-related functions and systems according to standards like SAE J3061, HEAVENS and the upcoming ISO 21434
  • Integration of architectural/functional design models with cybersecurity analysis methods
  • Capture and management of cybersecurity requirements
  • Support of complete end-to-end traceability
  • Customizable work product/document generation
  • Detailed compare and merge for seamless teamwork
  • Integration with IBM Rational DOORS, PTC Integrity, Jama, MS Office, SVN and others

Capabilities

Analysis Context Establishment and Asset Identification

ANSYS medini analyze for Cybersecurity helps you to model the system architecture of the target of evaluation (TOE), along with the functions and processes that represent activities and actions. You can then allocate resources, identify assets and assign security attributes to them.

Analysis Context Establishment and Asset Identification
Threat Identification

By automatically collecting threat data and mapping them to STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service and Elevation of privilege) categories, medini analyze for Cybersecurity identifies potential threats and estimates their security implications.

Threat Identification
Attack Trees and Attack Collections

Compiling multiple potential attack routes into attack trees can be demanding if done manually. medini analyze for Cybersecurity can perform attack tree layout automatically; model events in terms of attacks, threats and vulnerabilities; and compile attack trees into attack collections.

Attack Trees and Attack Collections
Threat Assessment and Treatment

Once all attack trees have been collected, medini analyze for Cybersecurity can help you assess threats and strategies to mitigate risks. You can reduce the risks by estimating the likelihood and impact of each threat and defining treatment strategies beforehand.

Threat Assessment and Treatment
Requirement Analysis and Management

Use medini analyze for Cybersecurity’s data editors to determine security requirements. Allocate, manage and trace these requirements to the system’s architecture, hardware, software and function models.

Requirement Analysis and Management
Rich Traceability

Perform traces in a wide variety of ways, including trace-matrix and quick-trace modes. Navigate these traces to discover related elements in other models, and visualize traces for impact analysis.

Rich Traceability
Teamwork and Integrated Task Management

To be effective, the results of your threat analyses must be available to personnel in all disciplines in your organization. medini analyze for Cybersecurity merges projects for team collaboration, documents all decisions, and helps you manage the whole project through its scheduling function.

Teamwork and Integrated Task Management
Reporting and Customization

medini analyze for Cybersecurity makes it easy for you to communicate the results of your threat analyses by instantly creating reports in any format to summarize TOE, TARA, attack trees and security requirements.

Reporting and Customization