Compositional Verification of Application-Level Security Properties

Gunawan, Linda Ariani; Herrmann, Peter

doi:10.1007/978-3-642-36563-8_6

Cited by 13 publications

(5 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Partial/compositional/modular model checking [1,14] has been applied extensively in the literature for security analysis [2,16,[28][29][30]. This technique relies on decomposing a system S into a set of individually analyzable subsystems S 1 S 2 .. S n for a property to be analyzed P = P 1 P 2 .. P m [5,6].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Security Verification of Industrial Control Systems using Partial Model Checking

Kulik

Boudjadar

Tran-Jørgensen

2020

Proceedings of the 8th International Conference on Formal Methods in Software Engineering

View full text Add to dashboard Cite

Industrial control systems are moving from isolated to distributed and cloud-connected architectures. While the operational benefits of this migration form the driving force for this trend, the necessary security assurance is often difficult to achieve. Formal methods, including model checking, provide capable technologies to deal with this challenge. However, when formal verification must account for the complexity of modern control systems the state space being explored grows drastically as more details are included in the analysis. This may eventually cause a state space explosion, which makes formal verification infeasible. To address this, we propose a method for decomposing cloud-connected control systems into modules representing the different parts of the system (clients, the cloud, the control network, etc.). Based on the decomposed version of the system, we use UPPAAL to model several well-known cyber attacks and formally verify the system's behavior under these attacks. To determine viability of our approach, we first use statistical model checking SMC to assess the probabilities of success for selected attacks. Based on SMC outcomes, we use symbolic model checking to individually analyse the subsystem affected by each attack. The results obtained from this analysis are then used to demonstrate the feasibility of our approach. We demonstrate our method using an actual control system architecture provided by our industrial partner. CCS CONCEPTS • Security and privacy → Logic and verification; Denial-ofservice attacks; Security requirements.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Gunawan et al use compositional strategy for verification of security properties [16]. This is done by describing the system features individually in a modular design where each module is constrained by local security properties.…”

Section: Related Workmentioning

confidence: 99%

Security Verification of Industrial Control Systems using Partial Model Checking

Kulik

Boudjadar

Tran-Jørgensen

2020

Proceedings of the 8th International Conference on Formal Methods in Software Engineering

View full text Add to dashboard Cite

show abstract

“…Additionally, SPACE has been already used for encapsulating security functionality in a form of building blocks with validation of their correct integration . Finally, the recent work of Gunawan and Herrmann enables compositional verification of security properties for SPACE models.…”

Section: Case Study and Backgroundmentioning

confidence: 99%

Integrating security mechanisms into embedded systems by domain‐specific modelling

Vasilevskaya

Gunawan

Nadjm‐Tehrani

et al. 2013

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

Embedded devices are crucial enablers of the Internet of Things and become increasingly common in our daily life. They store, manipulate and transmit sensitive information and, therefore, must be protected against security threats. Due to the security and also resource constraint concerns, designing secure networked embedded systems is a difficult task. Modelbased development (MBD) is promoted to address complexity and ease the design of software intensive systems. We leverage MBD and domain-specific modelling to characterise common issues related to security and embedded systems that are specific to a given application domain. Security-specific knowledge relevant for a certain application domain is represented in the form of an adapted information security ontology. Further, the elements of the ontology are associated with security building blocks modelled with the MBD method SPACE. The selection of relevant security building blocks is based on (i) assets automatically elicited from the functional models, (ii) domain security knowledge captured by the security expert and (iii) the platform adopted by the embedded system engineer. A tool is developed to support the steps supporting this methodology and help to bridge between the security and embedded systems domains. We illustrate our approach with a case study from the smart metering domain.

show abstract

“…The composed system model is automatically transformed into executable Java code [17]. Further, various formal verification methods ensure functional correctness [17] as well as reliability [27], security [9] and safety [12,13] of targeted systems.…”

Section: Introductionmentioning

confidence: 99%

Towards Verifying Safety Properties of Real-Time Probabilistic Systems

Han¹,

Blech²,

Herrmann³

et al. 2014

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

Using probabilities in the formal-methods-based development of safety-critical software has quickened interests in academia and industry. We address this area by our model-driven engineering method for reactive systems SPACE and its tool-set Reactive Blocks that provide an extension to support the modeling and verification of real-time behaviors. The approach facilitates the composition of system models from reusable building blocks as well as the verification of functional and real-time properties and the automatic generation of Java code. In this paper, we describe the extension of the tool-set to enable the modeling and verification of probabilistic real-time system behavior with the focus on spatial properties that ensure system safety. In particular, we incorporate descriptions of probabilistic behavior into our Reactive Blocks models and integrate the model checker PRISM which allows to verify that a real-time system satisfies certain safety properties with a given probability. Moreover, we consider the spatial implication of probabilistic system specifications by integrating the spatial verification tool BeSpaceD and give an automatic approach to translate system specifications to the input languages of PRISM and BeSpaceD. The approach is highlighted by an example.Comment: In Proceedings FESCA 2014, arXiv:1404.043

show abstract

Compositional Verification of Application-Level Security Properties

Cited by 13 publications

References 20 publications

Security Verification of Industrial Control Systems using Partial Model Checking

Security Verification of Industrial Control Systems using Partial Model Checking

Integrating security mechanisms into embedded systems by domain‐specific modelling

Towards Verifying Safety Properties of Real-Time Probabilistic Systems

Contact Info

Product

Resources

About