Enhancing C4I Security Using Threat Modeling

C4I (command, control, communications, computer and intelligence) system is a complex system of systems that enables the military commander to achieve decision superiority by affecting adversary´s information and information based processes while protecting one`s own information systems. Owing to the sensitivity of military information the security threats to C4I systems are real and growing therefore security is a major challenge in order to maintain integrity, confidentiality, availability and accountability. Different Models and architectures frameworks e.g. DODAF, CDSA have been proposed which decompose the detail structure of C4I systems however these models and frameworks do not provide mechanism to capture associated security risks and issues. Threat modeling is the process to understand different ways system can be attacked which helps towards secure system design and implement countermeasures. This paper suggests that using threat modeling could help to eradicate or reduce the effect of advancing threats to C4I systems. In this paper we also identify how security can be modeled in top down manner e.g. from architecture level to lower level of modeling so that countermeasures can be incorporated on system level rather than on bit by bit basis.