1,306
views
0
recommends
+1 Recommend
1 collections
    0
    shares

      Studying business & IT? Drive your professional career forwards with BCS books - for a 20% discount click here: shop.bcs.org

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      A SysML Extension for Security Analysis of Industrial Control Systems

      Published
      proceedings-article
      , , ,
      2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014) (ICSCSR)
      ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)
      11-12 September 2014
      Industrial control systems security, SysML
      Bookmark

            Abstract

            The security of Industrial Control Systems (ICS) has become an important topic. Recent attacks have shown that inadequately protecting control systems could have disastrous consequences for society. This paper presents an extension for the Systems Modeling Language (SysML), allowing for the extraction of vulnerabilities from an industrial control system model. After a control system is modeled in SysML, the model is converted into input for a formal reasoning tool. This tool contains a logic theory which is used for the vulnerability extraction. The rules in this logic theory are inferred from the ICS-CERT vulnerability database and ICS security standards. Once the vulnerabilities have been extracted, they are included in the SysML diagrams of the model. The modeling approach allows the user to quickly see which changes to the system get rid of the reported vulnerabilities. It is also possible to mark certain components as compromised to see the consequences of attacks on these components for system security as a whole. The resulting analysis can be used to strengthen the security of the control system.

            Content

            Author and article information

            Contributors
            Conference
            September 2014
            September 2014
            : 1-9
            Affiliations
            [0001]KU Leuven

            Department of Industrial Engineering

            Gebroeders Desmetstraat 1, 9000 Ghent, Belgium
            [0002]KU Leuven

            iMinds-DistriNet

            Celestijnenlaan 200A, 3001 Heverlee, Belgium
            Article
            10.14236/ewic/ICSCSR2014.1
            2755c059-4047-46a2-8e0a-b8cf6ff974d4
            © Laurens Lemaire et al. Published by BCS Learning and Development Ltd. 2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014), St Pölten, Austria

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)
            ICSCSR
            2
            St Pölten, Austria
            11-12 September 2014
            Electronic Workshops in Computing (eWiC)
            ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICSCSR2014.1
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Industrial control systems security,SysML

            Comments

            Comment on this article