Modelling and analysing resilience as a security issue within UML

Computers & Electrical Engineering

Nardone

et al. 2015

Self Cite

The multifaceted nature of cyber-physical systems needs holistic study methods to detect essential aspects and interrelations among physical and cyber components. Like the systems themselves, security threats feature both cyber and physical elements. Although to apply divide et impera approaches helps handling system complexity, to consider just one aspect at a time does not provide adequate risk awareness and hence does not allow to design the most appropriate countermeasures. To support this claim, in this paper we provide a joint application of two model-driven techniques for physical and cyber-security evaluation. We apply two UML profiles, namely SecAM (for cyber-security) and CIP_VAM (for physical security), in combination. In such a way, we demonstrate the synergy between both profiles and the need for their tighter integration in the context of a reference case study from the railway domain.

Section: The Secam Profile and Generalized Stochastic Petri Netsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

On synergies of cyber and physical security modelling in vulnerability assessment of railway systems

Marrone¹,

Computers & Electrical Engineering

Nardone

et al. 2015

Self Cite

“…It enables the specification in UML behavioural diagrams of attacks, vulnerabilities and intrusion concepts, and also their causal relationships (i.e., the attack-vulnerability-intrusion or AVI chain) [12]. The package was initially proposed in [13] to conduct a vulnerability stochastic analysis. Figure 2 details the package.…”

Section: Secam::resilience Packagementioning

confidence: 99%

Modelling Security of Critical Infrastructures: A Survivability Assessment

Merseguer

Bernardi

2014

The Computer Journal

Self Cite

Critical infrastructures, usually designed to handle disruptions caused by human errors or random acts of nature, define assets whose normal operation must be guaranteed to maintain its essential services for human daily living. Malicious intended attacks to these targets need to be considered during system design. To face with these situations, defense plans must be developed in advance. In this paper, we present a UML profile, named SecAM, that enables the modelling and security specification for critical infrastructures during the early phases (requirements, design) of systems development life-cycle. SecAM endows security assessment, through survivability analysis, of different security solutions before system deployment. As a case study, we evaluate the survivability of the Saudi Arabia crude-oil pipeline network under two different attack scenarios. The stochastic analysis, carried out with Generalized Stochastic Petri nets, quantitatively estimates the minimisation of attack damages into the crude-oil network.

“…On the other hand, since we focus our work in the context of intrusion-tolerant systems (i.e., those critical systems which apply FT techniques to tolerate intrusions), this implies also the necessity to report security requirements in the same UML designs. So, to avoid greater complexities, we rely on SecAM [8] (Security Analysis and Modelling profile), which is properly integrated in the MARTE-DAM framework. Although it may seem that the use of these profiles may bring some knottiness, in reality, a little part of the stereotypes proposed by the above mentioned profiles greatly helps designers of critical systems in their work.…”

Section: Introductionmentioning

confidence: 99%

Integrating Fault-Tolerant Techniques into the Design of Critical Systems

Lecture Notes in Computer Science

Merseguer

2010

Self Cite

Abstract. Software designs equipped with specification of dependability techniques can help engineers to develop critical systems. In this work, we start to envision how a software engineer can assess that a given dependability technique is adequate for a given software design, i.e., if the technique, when applied, will cause the system to meet a dependability requirement (e.g., an availability degree). So, the idea here presented is how to integrate already developed fault-tolerant techniques in software designs for their analysis. On the one hand, we will assume software behavioural designs as a set of UML state-charts properly annotated with profiles to take into account its performance, dependability and security characteristics, i.e., those properties that may hamper a critical system. On the other hand, we will propose UML models for well-known faulttolerant techniques. Then, the challenge is how to combine both (the software design and the FT techniques) to assist the software engineer. We will propose to accomplish it through a formal model, in terms of Petri nets, that offers results early in the life-cycle.