Critical Infrastructure Cyberspace Analysis Tool (CICAT) is a modeling and simulation capability for evaluating how an adversary might conduct a cyber attack, leveraging MITRE CVE™ and ATT&CK™ open source data.
The Critical Infrastructure Cyberspace Analysis Tool (CICAT) is a modeling and simulation tool for evaluating how an adversary might conduct a cyber attack on a system. MITRE developed CICAT to automate production of cyber attack scenarios in conjunction with participation in International Atomic Energy Agency (IAEA) Coordinated Research Project (CRP) J02008: "Enhancing Computer Security Incident Analysis at Nuclear Facilities," which is an international research project to improve capabilities to prevent, detect, and respond to cyber security incidents at nuclear facilities.
The CICAT tool can be easily applied to other critical infrastructures or cyber physical systems through development of an infrastructure model to represent the target environment. Potential applications of CICAT include cyber threat modeling for acquisition programs, as well as defensive cyber operations (DCO) incident analysis and planning, and decision support in a production environment. This paper provides a capability description of the CICAT tool.