Formal Security Analysis of Cloud-Connected Industrial Control Systems

Industrial control systems are moving from isolated architectures to remotely accessible, cloud-connected ones. Despite their advantages, these architectures introduce extra complexity, which makes it more difficult to ensure the security of these systems prior to deployment. One way to address this is to use formal methods to reason about the security properties of these systems during the early stages of development, specifically by analyzing security attacks and verifying that the corresponding mitigation strategies work as intended. In this paper, we present a formal framework for the security analysis of cloud-connected industrial control systems. We consider several well-known attack scenarios and formally verify mitigation strategies for each of them. Our framework is mechanized in TLA+ in order to enable formal verification of security properties. Finally, we demonstrate the applicability of our work using an industrial case study.
