A Framework for Threat-driven Cyber Security Verification of IoT Systems

被引:11
|
作者
Kulik, Tomas [1 ]
Tran-Jorgensen, Peter W. V. [1 ]
Boudjadar, Jalil [1 ]
Schultz, Carl [1 ]
机构
[1] Aarhus Univ, Aarhus, Denmark
来源
2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW) | 2018年
关键词
PHYSICAL SYSTEMS;
D O I
10.1109/ICSTW.2018.00033
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Industrial control systems are changing from monolithic to distributed and interconnected architectures, entering the era of industrial IoT. One fundamental issue is that security properties of such distributed control systems are typically only verified empirically, during development and after system deployment. We propose a novel modelling framework for the security verification of distributed industrial control systems, with the goal of moving towards early design stage formal verification. In our framework we model industrial IoT infrastructures, attack patterns, and mitigation strategies for countering attacks. We conduct model checking-based formal analysis of system security through scenario execution, where the analysed system is exposed to attacks and implement mitigation strategies. We study the applicability of our framework for large systems using a scalability analysis.
引用
收藏
页码:89 / 97
页数:9
相关论文
共 50 条
  • [1] Threat-Driven Dynamic Security Policies for Cyber-Physical Infrastructures
    Hallett, Joseph
    Foley, Simon N.
    Manda, David
    Gardiner, Joseph
    Jonckers, Dimitri
    Joosen, Wouter
    Rashid, Awais
    CRITICAL INFORMATION INFRASTRUCTURES SECURITY, CRITIS 2022, 2023, 13723 : 9 - 26
  • [2] Security Risk Management in E-commerce Systems: A Threat-driven Approach
    Affia, Abasi-amefon O.
    Matulevicius, Raimundas
    Nolte, Alexander
    BALTIC JOURNAL OF MODERN COMPUTING, 2020, 8 (02): : 213 - 240
  • [3] A Threat-Driven Approach to Modeling a Campus Network Security
    Naagas, Marlon A.
    Palaoag, Thelma D.
    PROCEEDINGS OF 2018 6TH INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND BROADBAND NETWORKING (ICCBN 2018), 2018, : 6 - 12
  • [4] Aspect-oriented specification of threat-driven security requirements
    Xu, Dianxiang
    Goel, Vivek
    Nygard, Kendall E.
    Wong, W. Eric
    INTERNATIONAL JOURNAL OF COMPUTER APPLICATIONS IN TECHNOLOGY, 2008, 31 (1-2) : 131 - 140
  • [5] Aspect-oriented specification of threat-driven security requirements
    Department of Computer Science, North Dakota State University, Fargo, ND 58105, United States
    不详
    不详
    不详
    不详
    不详
    Int J Comput Appl Technol, 2008, 1-2 (131-140):
  • [6] DEFEDGE: Threat-Driven Security Testing and Proactive Defense Identification for Edge-Cloud Systems
    Casola, Valentina
    Catillo, Marta
    De Benedictis, Alessandra
    Moretta, Felice
    Pecchia, Antonio
    Rak, Massimiliano
    Villano, Umberto
    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 5, AINA 2024, 2024, 203 : 79 - 88
  • [7] Applied Threat Driven Security Verification
    Dhillon, Danny
    Mishra, Vishal
    2018 IEEE CYBERSECURITY DEVELOPMENT CONFERENCE (SECDEV 2018), 2018, : 135 - 135
  • [8] Cyber Security - Threat Scenarios, Policy Framework and Cyber Wargames
    Vaseashta, Ashok
    Susmann, Philip
    Braman, Eric
    CYBER SECURITY AND RESILIENCY POLICY FRAMEWORK, 2014, 38 : 1 - 10
  • [9] A Novel Approach to Generate the Property for Web Service Verification from Threat-Driven Model
    Zhu, Yonghua
    Gao, Honghao
    APPLIED MATHEMATICS & INFORMATION SCIENCES, 2014, 8 (02): : 657 - 664
  • [10] IoT Security Framework for Smart Cyber Infrastructures
    Pacheco, Jesus
    Hariri, Salim
    2016 IEEE 1ST INTERNATIONAL WORKSHOPS ON FOUNDATIONS AND APPLICATIONS OF SELF* SYSTEMS (FAS*W), 2016, : 242 - 247
12345