Security modelling and formal verification of survivability properties: Application to cyber–physical systems
Resumen: The modelling and verification of systems security is an open research topic whose complexity and importance needs, in our view, the use of formal and non-formal methods. This paper addresses the modelling of security using misuse cases and the automatic verification of survivability properties using model checking. The survivability of a system characterises its capacity to fulfil its mission (promptly) in the presence of attacks, failures, or accidents, as defined by Ellison. The original contributions of this paper are a methodology and its tool support, through a framework called surreal. The methodology starts from a misuse case specification enriched with UML profile annotations and obtains, as a by-product, a survivability assessment model (SAM). Using predefined queries the survivability properties are proved in the SAM. A total of fourteen properties have been formulated and also implemented in surreal, which encompasses tools to model the security specification, to create the SAM and to prove the properties. Finally, the paper validates the methodology and the framework using a cyber–physical system (CPS) case study, in the automotive field.
Idioma: Inglés
DOI: 10.1016/j.jss.2020.110746
Año: 2021
Publicado en: JOURNAL OF SYSTEMS AND SOFTWARE 171, 110746 (2021), [26 pp]
ISSN: 0164-1212

Factor impacto JCR: 3.514 (2021)
Categ. JCR: COMPUTER SCIENCE, THEORY & METHODS rank: 30 / 111 = 0.27 (2021) - Q2 - T1
Categ. JCR: COMPUTER SCIENCE, SOFTWARE ENGINEERING rank: 29 / 110 = 0.264 (2021) - Q2 - T1

Factor impacto CITESCORE: 8.9 - Computer Science (Q1)

Factor impacto SCIMAGO: 1.418 - Information Systems (Q1) - Hardware and Architecture (Q1)

Financiación: info:eu-repo/grantAgreement/ES/MICIU/Medrese-RTI2018-098543-B-I00
Tipo y forma: Artículo (PostPrint)
Área (Departamento): Área Lenguajes y Sistemas Inf. (Dpto. Informát.Ingenie.Sistms.)

Creative Commons Debe reconocer adecuadamente la autoría, proporcionar un enlace a la licencia e indicar si se han realizado cambios. Puede hacerlo de cualquier manera razonable, pero no de una manera que sugiera que tiene el apoyo del licenciador o lo recibe por el uso que hace. No puede utilizar el material para una finalidad comercial. Si remezcla, transforma o crea a partir del material, no puede difundir el material modificado.


Exportado de SIDERAL (2023-05-18-13:24:38)


Visitas y descargas

Este artículo se encuentra en las siguientes colecciones:
Artículos



 Registro creado el 2021-08-20, última modificación el 2023-05-19


Postprint:
 PDF
Valore este documento:

Rate this document:
1
2
3
 
(Sin ninguna reseña)