You can import multiple libraries in the Systems Cybersecurity Designer plugin instead of creating elements. All imported libraries are treated as used projects in your current project.
Adding a library to the project
To add a library to the project
- In the Containment tree, right-click Model> Security and then select the required library.
If you click on any element in the library, you will be redirected to the web page of the respective element.
MITRE CWE Library
The addition of the MITRE CWE Library adds a package to the Containment tree. The MITRE CWE Library contains two sub-packages: Common Weakness Enumeration and Functional Cybersecurity Requirements. The Common Weakness Enumeration package contains a list of weaknesses. Each weakness contains a hyperlink that redirects you to the CWE definition web page. The Functional Cybersecurity Requirements package contains the requirements to mitigate the weakness. These requirements are segregated with the help of sub-packages based on the type of requirement.
MITRE Library present in the Containment tree.
MITRE ATT&CK Enterprise Technique Library
The addition of MITRE ATT&CK Enterprise Technique Library adds two packages to the Containment tree: MITRE ATT&CK Enterprise Technique Library and MITRE ATT&CK Platforms Library. The MITRE ATT&CK Enterprise Technique Library package contains sub-packages which contain enterprise mitigation, tactics and techniques. The MITRE ATT&CK Platforms Library contains the platforms through which the attacks can take place.
MITRE ATT&CK Enterprise Technique Library present in the Containment tree.
MITRE ATT&CK ICS Technique Library
The addition of MITRE ATT&CK ICS Technique Library adds a package to the Containment tree. The MITRE ATT&CK ICS Technique Library package contains sub-packages which contain ICS mitigation, tactics and techniques.
MITRE ATT&CK ICSTechnique Library present in the Containment tree.
NIST Control Library
The addition of the NIST Control Library adds a package to the Containment tree. The NIST Control Library package contains a sub-package that lists the cyber security requirements.