4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)
Cyber Security Research
23 - 25 August 2016
Incomplete information about connectivity and functionality of elements of networked control systems is a challenging issue in applying model-based security analysis in practice. This issue can be addressed by modelling techniques providing inherent mechanisms to describe incomplete information. We present and exemplary demonstrate a new, ontology-based method to adaptively model and analyse networked control systems froma security perspective.Ourmethod allowsmodelling different parts of the systemwith different levels of detail. We include a formalism to handle incomplete information by applying iterative extension and iterative refinement of the model where necessary. By usingmachine-based reasoning on an ontologymodel of the system, security-relevant information is deduced. During this process, non-obvious attack vectors are identified using a structural analysis of the model and by connecting the model to vulnerability information.