Abstract
In today’s interconnected world, enhancing defense cooperation through effective information sharing among allied nations is critical. A cybersecurity incident in one country can quickly cascade across all allied nations. As a result, the U.S. has mandated stronger cybersecurity practices within the defense sector among its allies. This directive has led many nations to develop their own security risk management frameworks, often modeled after the Risk Management Framework (RMF) employed by the U.S. Department of Defense (DoD). A key component of the U.S. DoD standards is the mandatory use of threat modeling techniques—a methodology for identifying and mitigating threats to a system—during the performing of the RMF. However, the problem is that threat modeling methods used in the defense field are mostly based on old-fashioned techniques. This study seeks to modernize threat modeling methodologies in the defense industry by incorporating the latest technological advancements. First, a systematic literature review is conducted to identify the most recent innovations in threat modeling. Then, we analyze the specific needs of the defense sector that these methodologies must address. Finally, we evaluate the feasibility of integrating cutting-edge technologies into existing threat modeling frameworks and propose future directions. Ultimately, this paper presents a structured approach for applying modern threat modeling techniques that can be adopted globally across the defense industry.
| Original language | English |
|---|---|
| Pages (from-to) | 53276-53304 |
| Number of pages | 29 |
| Journal | IEEE Access |
| Volume | 13 |
| DOIs | |
| Publication status | Published - 2025 |
Bibliographical note
Publisher Copyright:© 2013 IEEE.
Keywords
- Defense industry
- risk management framework (RMF)
- systematic literature review (SLR)
- threat modeling
ASJC Scopus subject areas
- General Computer Science
- General Materials Science
- General Engineering