Workshop: The 17th Workshop on Workflows in Support of Large-Scale Science (WORKS22)
Authors: Emily K. Adams (Indiana University, Center for Applied Cybersecurity Research (CACR)) and Anirban Mandal (Renaissance Computing Institute (RENCI))
Abstract: Guaranteeing the data integrity of scientific workflows and their associated data products, in the face of non-malicious and malicious threats, is of paramount importance for the validity and credibility of scientific research. In this work, we describe how we can leverage two popular cybersecurity classification frameworks - OSCRP and MITRE ATT&CK®, to systematically model threats to the integrity of scientific workflows and data in a research setting. We enumerate non- malicious and malicious threats to the integrity of scientific workflows, and present the relevant assets, concerns, avenues of attacks and impact of the threats in typical scientific workflow execution scenarios.