The security of Industrial Control Systems (ICS) has become an important topic. Recent attacks have shown that inadequately protecting control systems could have disastrous consequences for society.
This paper presents an extension for the Systems Modeling Language (SysML) that allows vulnerabilities to be extracted from an industrial control system model. After a control system is modeled in SysML, the model is converted into input for a formal reasoning tool. This tool contains a logic theory that is used for the vulnerability extraction. The rules in this logic theory are inferred from the ICS-CERT vulnerability database and ICS security standards. Once the vulnerabilities have been extracted, they are included in the SysML diagrams of the model.
The modeling approach allows the user to quickly see which changes to the system eliminate the reported vulnerabilities. It is also possible to mark certain components as compromised to see the consequences of attacks on these components for the security of the system as a whole. The resulting analysis can be used to strengthen the security of the control system.