Affiliation:
1. Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia
2. Department of Applied Mathematics and Information Technologies, Saint-Petersburg University of State Fire Service of EMERCOM of Russia, 196105 Saint-Petersburg, Russia
3. University of Queensland-IIT Delhi Academy of Research (UQIDAR), New Delhi 110016, India
Abstract
This paper solves the problem of modeling the scheme for developing software systems, which can be used in building solutions for secure energy networks. A development scheme is proposed in a set of representations through which each program of the software complex passes, namely the following representations: idea, conceptual model, architecture, algorithm, source code, graphic code, abstract syntax tree, assembler code, machine code, byte code, executed code. The main properties of each representation are indicated, such as the form (text, graphic, programming language, binary, and decoded), development (transformation) methods, as well as vulnerabilities that are detected in it. An example of each representation is given, particularly as applied to the energy networks. The scheme elements (representations, vulnerabilities, forms, etc.) and the main operations for working with their elements (representation transformation, vulnerability injection, and detection) are presented in an analytical form. An example of a development scheme for a simple software complex of energy networks is given. The classification of vulnerabilities is introduced; it divides the vulnerabilities according to the structural level, functioning disruption, and information impact. The vulnerabilities in each of the views are substantiated using the common vulnerabilities and exposures (CVE) database. An experiment was conducted to demonstrate the vulnerability spread across representations during the development of a software complex example for the energy network. The features of the applications of the obtained results for energy networks are taken into account. The advantages, disadvantages, and limitations of the study, as well as ways to eliminate them, are discussed.
Subject
Energy (miscellaneous),Energy Engineering and Power Technology,Renewable Energy, Sustainability and the Environment,Electrical and Electronic Engineering,Control and Optimization,Engineering (miscellaneous),Building and Construction
Reference60 articles.
1. SFC++: A tool for developing distributed real-time control software;Pardo;Microprocess. Microsyst.,1999
2. Kotenko, I., and Doynikova, E. (2016, January 17–19). Dynamical Calculation of Security Metrics for Countermeasure Selection in Computer Networks. Proceedings of the 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP-2016), Heraklion, Greece.
3. Buinevich, M., Izrailov, K., and Vladyko, A. (February, January 31). The Life Cycle of Vulnerabilities in The Representations of Software for Telecommunication Devices. Proceedings of the 18th International Conference on Advanced Communication Technology (ICACT), Pyeongchang, Republic of Korea.
4. Sixty years of software development life cycle models;Kneuper;IEEE Ann. Hist. Comput.,2017
5. Case study: Darlington nuclear generating station [software-driven shutdown systems];Craigen;IEEE Softw.,1994
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献