Examination of the interplay of reliability and security using System Modeling Language

Abstract

System modeling language (OMG SysMLTM) is a graphical modeling language that has been developed to describe complex systems. It provides semantics and notations to describe complex systems independent of engineering tools and methodologies. The study summarized in this paper applied the SysML semantics and notation to provide a common reference for examining the interplay of reliability and security in complex systems. This paper briefly outlines elements of the articulation of reliability and security in SysML and presents general findings from the study of their interplay in the context of a hypothetical communication system. This review begins with a demonstration of defining desired system functionality using the SysML use case diagram. Additional use case diagrams are then created to model a malicious agent's desire to either disrupt or gain illegal access to a system. Because the use case can be used to define both legitimate and illegitimate functional applications of the system, reliability and security are identified as coherent concepts. Being coherent, the correlation of reliability and security will depend on their contextual separation. Contextual separation is built through associations from the use case diagram through other SysML constructs. These associations point to operating environment and operational periods linked to a particular use case and provides context for element-level reliability modeling. Functional expectations, operating conditions, and operational periods are linked to parametric diagrams that model individual facets of reliability and security. This contextually embeds reliability and security directly into the system model. The interplay between reliability and security occurs when associations to their embedded facets cross paths in the system model. It is found that the interaction is dependent on the form of the attack selected by a malicious agent. Systems that are highly reliable in the functional sense are typically secure against attacks aimed at simply halting functionality. In contrast, the security of that same system against forms of attack that exploit some system characteristic will depend on the attacker's knowledge of and access to the system.