Safety & Security Analysis of a Manufacturing System using Formal Verification and Attack-Simulation

2023 12th Mediterranean Conference on Embedded Computing (MECO) Pub Date : 2023-06-06 DOI:10.1109/MECO58584.2023.10154960

E. Kang, Simon Hacks

{"title":"Safety & Security Analysis of a Manufacturing System using Formal Verification and Attack-Simulation","authors":"E. Kang, Simon Hacks","doi":"10.1109/MECO58584.2023.10154960","DOIUrl":null,"url":null,"abstract":"Key to reliable manufacturing systems is ensuring the trustworthiness of the decision-making and control mechanisms that supplant human control, i.e., systems need to remain safe while being resilient against functional failures, unpredictable changes, and cyber-security threats. We present a correct-by-construction approach to identify and analyze essential requirements that ensure the safety and security of a manufacturing system using a combination of System Theoretic Process Analysis (STPA)-based verification and attack simulation. This approach utilizes formal modeling and analysis to remove ambiguities in the requirement and specify safety properties that should be satisfied in system design. Potential safety hazards are identified using STPA-based model checking and possible cyber-security threats are diagnosed through attack simulation. Additional safety and security constraints inhibiting the hazards and threats are generated to improve the system design accordingly. Our approach is demonstrated on an autonomous assembly line system case study.","PeriodicalId":187825,"journal":{"name":"2023 12th Mediterranean Conference on Embedded Computing (MECO)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 12th Mediterranean Conference on Embedded Computing (MECO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MECO58584.2023.10154960","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Key to reliable manufacturing systems is ensuring the trustworthiness of the decision-making and control mechanisms that supplant human control, i.e., systems need to remain safe while being resilient against functional failures, unpredictable changes, and cyber-security threats. We present a correct-by-construction approach to identify and analyze essential requirements that ensure the safety and security of a manufacturing system using a combination of System Theoretic Process Analysis (STPA)-based verification and attack simulation. This approach utilizes formal modeling and analysis to remove ambiguities in the requirement and specify safety properties that should be satisfied in system design. Potential safety hazards are identified using STPA-based model checking and possible cyber-security threats are diagnosed through attack simulation. Additional safety and security constraints inhibiting the hazards and threats are generated to improve the system design accordingly. Our approach is demonstrated on an autonomous assembly line system case study.

查看原文本刊更多论文

基于形式化验证和攻击仿真的制造系统安全性分析

可靠制造系统的关键是确保替代人为控制的决策和控制机制的可信度，即系统需要保持安全，同时能够抵御功能故障、不可预测的变化和网络安全威胁。我们提出了一种基于系统理论过程分析(STPA)的验证和攻击模拟相结合的方法来识别和分析确保制造系统安全性的基本要求。该方法利用形式化建模和分析来消除需求中的歧义，并指定系统设计中应满足的安全属性。通过基于stp的模型检测识别潜在安全隐患，通过攻击仿真诊断可能存在的网络安全威胁。额外的安全和安保约束抑制了危害和威胁的产生，从而相应地改进了系统设计。我们的方法在一个自主装配线系统案例研究中得到了验证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2023 12th Mediterranean Conference on Embedded Computing (MECO)

自引率

0.00%

发文量