Security analysis of socio-technical physical systems

Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents (here called socio-technical physical systems) have limitations: their agent behavior is too simple; they estimate only the feasibility of attacks, not their likelihood; or they do estimate likelihood, but only for explicitly provided attacks. We propose a model that can both detect and quantify attacks. It has a rich set of agent actions, each with an associated probability and cost. We also propose a threat model: an intruder that can misbehave and that competes with honest agents. The intruder's actions have an associated cost and are constrained to be realistic. We map our model to a probabilistic symbolic model checker and express templates of security properties in Probabilistic Computation Tree Logic (PCTL), thus supporting automatic analysis of security properties. A use case shows the effectiveness of our approach.
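To make the kind of quantification described above concrete, the following is an added illustration (not the paper's model, tool or code): a small constructed Markov decision process in which an intruder's actions carry a cost and a probabilistic outcome, and a cost-bounded reachability query plays the role of the PCTL template that a probabilistic model checker would answer. The locations, actions, probabilities and costs are invented for the example.

```python
from functools import lru_cache

# Constructed toy model (an illustration, not the paper's own model): the
# intruder moves between locations of a building; every action has an
# integer cost and a probabilistic outcome, including being challenged
# by honest staff, which ends the attempt in the absorbing state CAUGHT.
GOAL, CAUGHT = "archive", "caught"

# location -> action -> (cost, [(probability, next_location), ...])
MODEL = {
    "outside": {
        "tailgate":   (1, [(0.5, "lobby"), (0.4, "outside"), (0.1, CAUGHT)]),
        "fake_badge": (3, [(0.8, "lobby"), (0.2, CAUGHT)]),
    },
    "lobby": {
        "ask_receptionist": (1, [(0.3, "office"), (0.6, "lobby"), (0.1, CAUGHT)]),
        "pick_lock":        (4, [(0.7, "office"), (0.3, CAUGHT)]),
    },
    "office": {
        "borrow_key": (2, [(0.6, GOAL), (0.4, "office")]),
    },
    GOAL: {}, CAUGHT: {},
}


def pmax(start, budget, model=MODEL):
    """Maximum probability of reaching GOAL from `start` with total cost <= budget.

    Cost-bounded reachability on an MDP: the analogue of a PCTL query of the
    form Pmax=? [ F<=budget "asset" ]. The intruder resolves every choice so
    as to maximise its chance of success within the budget (its "realism"
    constraint here), while honest staff act through the CAUGHT outcomes.
    """
    for actions in model.values():
        for cost, outcomes in actions.values():
            assert cost >= 1, "positive costs guarantee the recursion terminates"
            assert abs(sum(p for p, _ in outcomes) - 1.0) < 1e-9

    @lru_cache(maxsize=None)
    def value(state, remaining):
        if state == GOAL:
            return 1.0
        best = 0.0  # absorbing state or no affordable action: cannot succeed
        for cost, outcomes in model[state].values():
            if cost <= remaining:
                best = max(best, sum(p * value(nxt, remaining - cost) for p, nxt in outcomes))
        return best

    return value(start, budget)


def with_control(model, location, action, outcomes):
    """Copy of the model with one action's outcome distribution replaced,
    used to compare a mitigation (e.g. receptionist training) against the baseline."""
    patched = {loc: dict(acts) for loc, acts in model.items()}
    cost, _ = patched[location][action]
    patched[location][action] = (cost, outcomes)
    return patched
```

Comparing `pmax("outside", 6)` against the same query on `with_control(MODEL, "lobby", "ask_receptionist", [(0.1, "office"), (0.6, "lobby"), (0.3, CAUGHT)])` shows how much a single control lowers the bounded attack probability.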
