Name
Abstract | ||
|---|---|---|
Cyber-physical systems are processing large amounts of sensitive information, but are increasingly often becoming the target of cyber attacks. Thus, it is essential to verify the absence of unauthorized information flow at design time before the systems get deployed. Our paper addresses this problem by proposing a novel approach to model-check the information flow security of cyber-physical systems represented by timed automata. We describe the transformation into so-called test automata, reducing the verification to a reachability test that is carried out using the off-the-shelf model checker Uppaal. Opposed to related work, we analyze the real-time behavior of systems, allowing software engineers to precisely identify timing channels that would enable attackers to draw conclusions from the system's response times. We illustrate the approach by detecting a timing channel in a simplified model of a cyber-manufacturing system. |
Year | DOI | Venue |
|---|---|---|
2018 | 10.1007/978-3-319-94496-8_3 | Lecture Notes in Computer Science |
Keywords | Field | DocType |
Model checking,Information flow,Security,Real time | Information flow (information theory),Model checking,Computer science,Automaton,Communication channel,Real-time computing,Reachability,Software,Information sensitivity | Conference |
Volume | ISSN | Citations |
10953 | 0302-9743 | 1 |
PageRank | References | Authors |
0.36 | 29 | 3 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Christopher Gerking | 1 | 36 | 4.53 |
| David Schubert | 2 | 16 | 4.01 |
| Eric Bodden | 3 | 2017 | 107.73 |