Automatic Construction of Attack Graphs in Cyber Physical Systems Using Temporal Logic

This paper describes a novel approach for the automatic construction of attack graphs, a powerful visual representation for depicting system vulnerabilities in cyber physical systems. The proposed approach generates a maximally complete set of execution traces by performing formal verification reachability analysis using temporal logic formalism. Temporal logic is used to analyze network state transition events for attack graph generation. The attack graph workflow is constructed with a scanner, a locator and a synthesizer for formal verification, vulnerability detection and sensitivity quantification, respectively. Maximum likelihood reasoning and attack covariance estimation are used to locate vulnerabilities and generate attack event trees. A data handshake communication protocol in a generic cyber physical system is analyzed as a use case to illustrate the effectiveness of this formal approach.
