Towards a Methodology to Design Provably Secure Cyber-physical Systems-Reference-Cited by-同舟云学术

Towards a Methodology to Design Provably Secure Cyber-physical Systems

Published:2023-10-30 Issue:1 Volume:43 Page:94-99
ISSN:1094-3641
Container-title:ACM SIGAda Ada Letters
language:en
Short-container-title:Ada Lett.

Author:

Lisboa Malaquias Felipe¹,Giantamidis Georgios¹,Basagiannis Stylianos¹,Fulvio Rollini Simone²,Amundson Isaac³

Affiliation:

1. Collins Aerospace, Ireland

2. Collins Aerospace, Italy

3. Collins Aerospace, USA

Abstract

The inordinate financial cost of mitigating post-production cybersecurity vulnerabilities in cyber-physical systems (CPS) is forcing the industry to rethink systems design cycles: greater attention is being given to the design phase - with the goal of reducing the attack surface of systems at an early stage (i.e., before silicon tape out). Fortunately, formal methods have advanced to the point that they can address such needs and contribute towards achieving security certification. However, new methods and tools focusing on industrial scalability and usability for systems engineers are required. In this ongoing research paper, we describe a framework that will help systems engineers to: a) design cyber-assured CPS using a Model Based Engineering (MBE) approach; b) formally map security requirements to different hardware and software blocks in the model; and c) formally verify security requirements. Based on the nature of each requirement, our framework collects formal correctness evidence from different tools: while high-level architectural properties are suitable for a contract- or ontology-based reasoning, more complex properties with rich semantics require the use of model checking or theorem proving techniques.

Publisher

Association for Computing Machinery (ACM)

Subject

General Medicine

Link

https://dl.acm.org/doi/pdf/10.1145/3631483.3631499

Reference30 articles.

1. K. L. Lueth , State of the IoT 2020: 12 billion IoT connections, surpassing non-IoT for the first time," IoT Analytics , Nov 2021 . K. L. Lueth, State of the IoT 2020: 12 billion IoT connections, surpassing non-IoT for the first time," IoT Analytics, Nov 2021.

2. K. Keerthi , I. Roy , A. Hazra , and C. Rebeiro , Formal verification for security in IoT devices," Security and Fault Tolerance in Internet of Things , pp. 179 -- 200 , 2019 . K. Keerthi, I. Roy, A. Hazra, and C. Rebeiro, Formal verification for security in IoT devices," Security and Fault Tolerance in Internet of Things, pp. 179--200, 2019.

3. A. Greenberg , Hackers remotely kill a Jeep on the highway-with me in it," Wired , Jul 2015 . A. Greenberg, Hackers remotely kill a Jeep on the highway-with me in it," Wired, Jul 2015.

4. de Saqui-Sannes and J. Hugues, Combining SysML and AADL for the design, validation and implementation of critical systems;P;ERTS2,2012

5. P. H. Feiler , D. P. Gluch , and J. J. Hudak , The architecture analysis & design language (AADL): An introduction," tech. rep ., Carnegie-Mellon Univ Pittsburgh PA Software Engineering Inst , 2006 . P. H. Feiler, D. P. Gluch, and J. J. Hudak, The architecture analysis & design language (AADL): An introduction," tech. rep., Carnegie-Mellon Univ Pittsburgh PA Software Engineering Inst, 2006.