Toward better use of cyber threat models in defence environments
Toward better use of cyber threat models in defence environments
Threat modelling in cybersecurity is a systematic process for identifying, analysing, and prioritising threats in a system. However, it is a highly challenging task in the defence sector, since military capabilities present a broad attack surface. This problem is compounded by the widespread use of civilian threat models, designed for specific systems or security aspects, in the defence sector, which often lack the breadth required to analyse military capabilities. In this paper, we identify gaps in state-of-the-art threat models in their ability to represent threats in the defence sector, using TEPIDOIL, a framework that captures the components required to maintain effective defence capabilities. We then present a novel framework called Universal Defence Framework, and demonstrate, through a case study and evaluation, that it enables the use of existing (civilian) threat models in the defence sector and addresses the identified gaps. Our evaluation showed that integrating threat models into our framework provides the broader view required to analyse threats in complex, integrated systems, as typically found in the defence sector.
Johnson, Steve
caaeafad-4755-4860-9895-079ee54b71c0
Karafili, Erisa
f5efa31c-22b8-443e-8107-e488bd28918e
Johnson, Steve
caaeafad-4755-4860-9895-079ee54b71c0
Karafili, Erisa
f5efa31c-22b8-443e-8107-e488bd28918e
Johnson, Steve and Karafili, Erisa
(2026)
Toward better use of cyber threat models in defence environments.
In,
The European Conference on Cyber Warfare and Security (ECCWS).
(In Press)
Record type:
Book Section
Abstract
Threat modelling in cybersecurity is a systematic process for identifying, analysing, and prioritising threats in a system. However, it is a highly challenging task in the defence sector, since military capabilities present a broad attack surface. This problem is compounded by the widespread use of civilian threat models, designed for specific systems or security aspects, in the defence sector, which often lack the breadth required to analyse military capabilities. In this paper, we identify gaps in state-of-the-art threat models in their ability to represent threats in the defence sector, using TEPIDOIL, a framework that captures the components required to maintain effective defence capabilities. We then present a novel framework called Universal Defence Framework, and demonstrate, through a case study and evaluation, that it enables the use of existing (civilian) threat models in the defence sector and addresses the identified gaps. Our evaluation showed that integrating threat models into our framework provides the broader view required to analyse threats in complex, integrated systems, as typically found in the defence sector.
Text
Toward Better Use of Cyber Threat Models in Defence Environments
More information
Accepted/In Press date: 10 March 2026
Identifiers
Local EPrints ID: 511123
URI: http://eprints.soton.ac.uk/id/eprint/511123
PURE UUID: d524ac4d-cb41-4cfd-a99d-2dc41353e23b
Catalogue record
Date deposited: 05 May 2026 16:39
Last modified: 06 May 2026 01:59
Export record
Contributors
Author:
Steve Johnson
Author:
Erisa Karafili
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics