Closed andrewbwm closed 3 years ago
The current distributions on the attack steps representing the unsafe actions have been chosen arbitrarily, they should be replaced with more scientifically grounded values.
Due to the way the Bernoulli distribution works in securiCAD and the fact that SecurityAwareness protects against both forced and unforced user activity the likelihood of unsafe user action is capped by the SecurityAwareness value. It would be useful to have the resulting attack step, from combining the impact of forced and unforced unsafe user actions, to have a higher likelihood of succeeding and not just reach the capped value more quickly.
The unforcedUnsafeUserActivity attack step introduces a way to trigger attack steps on the Application asset without any Attacker activity. While this is not problematic it does slightly challenge the existing design philosophy of coreLang.
Introduce attack steps that represent the User engaging in unsafe actions on the Applications it has access to via its Identities.
There are two different aspects which can lead to this dangerous behaviour:
The resulting unsafe user behaviour can be used to trigger SoftwareVulnerabilities that require user interaction.
The SecurityAwareness defence on the User asset reduces both forced and unforced unsafe user activity.