Improving IT Architecture Modeling Through Automation : Cyber Security Analysis of Smart Grids

Sammanfattning: Contemporary organizations depend on IT to reach their goals but the organizations are constantly adapting to changing market conditions and these changes need to be reflected in the IT architecture. Modeling is often used to manage complex architectures allowing to abstract details and focus on the most important aspects. Metamodels are central to modeling and used as a mechanism for modeling different phenomena and describing evolving designs such as IT architectures. However, it can be difficult to model IT architecture especially in large organizations due to the amount and diversity of systems, software, data, et cetera. Previous studies have found problems with metamodels and the support modeling tools provide to the users. The topics mentioned by numerous authors are lacking cyber security analysis capabilities and the support for automated model creation using enterprise data. These two topics are studied in this thesis with the focus on smart grids. The contribution of this thesis is to offer support for IT architecture modeling processes with the following propositions that are described in four papers. The contribution includes a metamodel extension for analyzing insider threats and reachability (Paper A), a framework for automatic modeling (Paper B), a framework for improving semantic accuracy and granularity matching in automatic modeling (Paper C) and a reference model for cyber security analysis of smart grid load balancing (Paper D).