For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search
My ScienceOpen
Search
For Publishers
For Researchers
Blog
About
2,448
views
16
references
 Top references
cited by
0
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    4
    shares
      252
      similar
       All similar

      Celebrating 65 years of The Computer Journal - free-to-read perspectives - bcs.org/tcj65

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Adaptive Modelling for Security Analysis of Networked Control Systems

      proceedings-article
      Author(s): , , , , ,
      Publication date (Print):
      Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)
      Conference theme: Cyber Security Research
      Conference date: 23 - 25 August 2016
      Keywords: decomposition, ontology, threat analysis, system modelling, network security, reasoning, vulnerability
      Bookmark

            Abstract

            Incomplete information about connectivity and functionality of elements of networked control systems is a challenging issue in applying model-based security analysis in practice. This issue can be addressed by modelling techniques providing inherent mechanisms to describe incomplete information. We present and exemplary demonstrate a new, ontology-based method to adaptively model and analyse networked control systems froma security perspective.Ourmethod allowsmodelling different parts of the systemwith different levels of detail. We include a formalism to handle incomplete information by applying iterative extension and iterative refinement of the model where necessary. By usingmachine-based reasoning on an ontologymodel of the system, security-relevant information is deduced. During this process, non-obvious attack vectors are identified using a structural analysis of the model and by connecting the model to vulnerability information.

            Content

            Author and article information

            Conference
            Publication date: August 2016
            Publication date (Print): August 2016
            Pages: 64-73
            Affiliations
            [0001]Beckhoff Automation GmbH & Co. KG, Nuremberg, Germany
            [0002]Fraunhofer Institute AISEC, Garching, Germany
            Article
            DOI: 10.14236/ewic/ICS2016.8
            SO-VID: 5e59c83b-010e-4791-ac6c-5c24b47d16eb
            Copyright © © Wolf et al. Published by BCS Learning & Development Ltd. Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016
            License:

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016
            Conference acronym: ICS-CSR
            Conference number: 4
            Conference location: Queen’s Belfast University, UK
            Conference date: 23 - 25 August 2016
            Conference sponsor: Electronic Workshops in Computing (eWiC)
            Conference theme: Cyber Security Research
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICS2016.8
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Series title: Electronic Workshops in Computing

            ScienceOpen disciplines: Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Keywords: decomposition,threat analysis,reasoning,system modelling,network security,vulnerability,ontology

            REFERENCES

            1. et al 2015 Imperfect forward secrecy: How Diffie–Hellman fails in practice 22nd ACM Conference on Computer and Communications Security 5 17

            2. 2009 Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security 183 194

            3. 2010 An ontology engineering approach to network access control configuration

            4. et al 2014 HermiT: An OWL 2 Reasoner Journal of Automated Reasoning 53 3 245 269

            5. 2008 Semantic Web: Grundlagen Berlin, Germany Springer-Verlag

            6. et al 2015 P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language IEEE Transactions on Dependable and Secure Computing 12 6 626 639

            7. et al 2011 Cauldron mission-centric cyber situational awareness with defense in depth Military Communications Conference 1339 1344

            8. et al 2009 Aug A logic-based approach to network security risk assessment Computing, Communication, Control, and Management 2009 CCCM 2009. ISECS International Colloquium on 3 9 14

            9. 2002 UMLsec: Extending UML for Secure Systems Development Berlin, Germany Springer

            10. et al 2005 Security Ontology for Annotating Resources Springer

            11. et al 2011 Automatisierung von Penetrationstest-Berichten mittels CWE DACH Security 2011

            12. et al 2006 Validating and Restoring Defense in Depth Using Attack Graphs IEEE Military Communications conference 1 10

            13. et al 2002 SecureUML: A UML-Based Modeling Language for Model-Driven Security Berlin, Germany Springer

            14. 2008 Nmap Network Scanning - Official Nmap Project Guide to Network Discovery and Security Scanning Insecure.Com, LLC

            15. et al 2005 The case for common flaw enumeration NIST Workshop on Software Security Assurance Tools, Techniques, and Metrics

            16. et al 2009 Advances in topological vulnerability analysis. In: Conference For Homeland Security, 2009. CATCH ’09 Cybersecurity Applications & Technology 124 129

            17. et al 2005 MulVAL: A logic-based network security analyzer USENIX Security 8

            18. et al 2007 Pellet: A practical OWL-DL reasoner Web Semantics:Science,Services and Agents on the World Wide Web 5 2 51 53

            19. et al 2013 The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures IEEE Systems Journal 7 3 363 373

            20. et al 2006 Using description logics for network vulnerability analysis Fifth InternationalConference on Networking and the International Conference on Systems (ICN/ICONS/MCL,Mauritiu 78

            Comments

            Comment on this article