{"title":"云连接SCADA网络安全标准的合规性验证","authors":"T. Kulik, P. Tran-Jørgensen, Jalil Boudjadar","doi":"10.1109/GIOTS.2019.8766363","DOIUrl":null,"url":null,"abstract":"Advances in IoT and cloud computing are revolutionizing the architecture of industrial control systems by changing them from isolated architectures to decentralized ones. This leads to increased complexity that exposes these systems to cyber threats from both the cloud and the control environment. Different cyber security standards have been proposed for securing these systems based on a set of security requirements. However, these requirements are often specified in natural language, which makes formal verification of security properties against the standards challenging. In this paper we propose a framework for modeling cloud-connected SCADA systems and formally verify their compliance with the IEC-62443-3-3 standard. We model the system and the security requirements from the standards using the formal modeling language TLA+ in order to formally verify compliance with the standard using the TLC model checker. The applicability of our technique is demonstrated using an industrial case study.","PeriodicalId":149504,"journal":{"name":"2019 Global IoT Summit (GIoTS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Compliance verification of a cyber security standard for Cloud-connected SCADA\",\"authors\":\"T. Kulik, P. Tran-Jørgensen, Jalil Boudjadar\",\"doi\":\"10.1109/GIOTS.2019.8766363\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advances in IoT and cloud computing are revolutionizing the architecture of industrial control systems by changing them from isolated architectures to decentralized ones. This leads to increased complexity that exposes these systems to cyber threats from both the cloud and the control environment. Different cyber security standards have been proposed for securing these systems based on a set of security requirements. However, these requirements are often specified in natural language, which makes formal verification of security properties against the standards challenging. In this paper we propose a framework for modeling cloud-connected SCADA systems and formally verify their compliance with the IEC-62443-3-3 standard. We model the system and the security requirements from the standards using the formal modeling language TLA+ in order to formally verify compliance with the standard using the TLC model checker. The applicability of our technique is demonstrated using an industrial case study.\",\"PeriodicalId\":149504,\"journal\":{\"name\":\"2019 Global IoT Summit (GIoTS)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 Global IoT Summit (GIoTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/GIOTS.2019.8766363\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 Global IoT Summit (GIoTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/GIOTS.2019.8766363","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Compliance verification of a cyber security standard for Cloud-connected SCADA
Advances in IoT and cloud computing are revolutionizing the architecture of industrial control systems by changing them from isolated architectures to decentralized ones. This leads to increased complexity that exposes these systems to cyber threats from both the cloud and the control environment. Different cyber security standards have been proposed for securing these systems based on a set of security requirements. However, these requirements are often specified in natural language, which makes formal verification of security properties against the standards challenging. In this paper we propose a framework for modeling cloud-connected SCADA systems and formally verify their compliance with the IEC-62443-3-3 standard. We model the system and the security requirements from the standards using the formal modeling language TLA+ in order to formally verify compliance with the standard using the TLC model checker. The applicability of our technique is demonstrated using an industrial case study.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
