ANSYS medini analyze for Cybersecurity 在单个集成工具中实施关键的安全分析方法:

  • 对评估对象 (TOE) 进行建模以实现全景建立
  • 资产和威胁识别
  • 威胁评估和处理
  • 对攻击树进行建模以实现攻击场景评估

medini analyze for Cybersecurity 支持一致、高效地执行适用标准所要求的安全相关活动。它能够与其他工程工具实现良好集成,并通过 SysML 等标准实现基于模型的安全分析。

应用领域

medini analyze for Cybersecurity 对汽车领域安全关键电气电子 (E/E) 和软件控制系统的开发至关重要。该解决方案根据行业专业标准(如 SAE J3061、HEAVENS 和即将施行的 ISO 21434)进行专门定制,可运用到从初期概念阶段到完整系统设计的整个产品设计流程。

特点

ANSYS medini analyze for Cybersecurity 包含基于模型的环境中捆绑的前沿分析方法,具体如下:

  • 基于模型的集成工具,支持分析全景的建立、资产和威胁识别、攻击树以及威胁评估和处理
  • 根据 SAE J3061、HEAVENS 和即将施行的 ISO 21434 等标准执行网络安全分析以及网络安全相关功能和系统的设计
  • 将架构/功能设计模型与网络安全分析方法进行集成
  • 捕获和管理网络安全要求
  • 支持完整的端到端可追溯功能
  • 工作成果/文档的定制化生成
  • 详细的比较和合并,以实现无缝团队协作
  • 与 IBM Rational DOORS、PTC Integrity、Jama、MS Office、SVN 等集成
分享:

功能

  • 全景建立和资产识别分析

    ANSYS medini analyze for Cybersecurity helps you to model the system architecture of the target of evaluation (TOE), along with the functions and processes that represent activities and actions. You can then allocate resources, identify assets and assign security attributes to them.

    Learn More 
  • 威胁识别

    By automatically collecting threat data and mapping them to STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service and Elevation of privilege) categories, medini analyze for Cybersecurity identifies potential threats and estimates their security implications.

    Learn More
  • 攻击树和攻击集合

    Compiling multiple potential attack routes into attack trees can be demanding if done manually. medini analyze for Cybersecurity can perform attack tree layout automatically; model events in terms of attacks, threats and vulnerabilities; and compile attack trees into attack collections.

    Learn More
  • 威胁评估和处理

    Once all attack trees have been collected, medini analyze for Cybersecurity can help you assess threats and strategies to mitigate risks. You can reduce the risks by estimating the likelihood and impact of each threat and defining treatment strategies beforehand.

    Learn More
  • 需求分析和管理

    Use medini analyze for Cybersecurity’s data editors to determine security requirements. Allocate, manage and trace these requirements to the system’s architecture, hardware, software and function models.

    Learn More
  • 丰富的可追溯功能

    Perform traces in a wide variety of ways, including trace-matrix and quick-trace modes. Navigate these traces to discover related elements in other models, and visualize traces for impact analysis.

    Learn More
  • 团队协作和集成任务管理

    To be effective, the results of your threat analyses must be available to personnel in all disciplines in your organization. medini analyze for Cybersecurity merges projects for team collaboration, documents all decisions, and helps you manage the whole project through its scheduling function.

    Learn More
  • 报告和自定义

    medini analyze for Cybersecurity makes it easy for you to communicate the results of your threat analyses by instantly creating reports in any format to summarize TOE, TARA, attack trees and security requirements.

    Learn More