Formally Verifying Flow Integrity Properties in Industrial Systems∗
نویسندگان
چکیده
In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity. We apply our framework to two well-known industrial protocols: OPC-UA and MODBUS. Using TAMARIN, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify a weakness in a supposedly secure version of MODBUS.
منابع مشابه
Connectivity as a Measure of Power System Integrity
Measures of network structural integrity useful in the analysis and synthesis of power systems are discussed. Signal flow methodology is applied to derive an expression for the paths between sources and sinks in a power network. Connectivity and reach ability properties of the network are obtained using the minors of a modified connectivity matrix. Node-connectivity, branch connectivity and mix...
متن کاملFormal Verification of the AAMP 5 Microprocessor
This paper describes the experiences of Collins Commercial Avionics and SRI International in formally specifying and verifying the microcode for the AAMP5 microprocessor with the PVS verification system. This project was conducted to determine if an industrial microprocessor designed for use in real–time embedded systems could be formally specified at the instruction set and register transfer l...
متن کاملPossibilistic Information Flow Control for Workflow Management Systems
In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and associated security requirements. We present an approach for formally verifying that a workflow satisfies such security requirements. For this purpose, we define the ...
متن کاملA Practical Approach to Formal Design of Real-Time Systems
Formal methods are being increasingly used in engineering industrial software. They are mostly used for specifying and verifying software requirements, but seldom in later development phases. This paper tries to bridge the gap between formal requirements specification and final code by introducing a formally defined design notation. The proposed design notation extends structured analysis speci...
متن کاملVerifying Temporal Properties in HW-Hume
H is a modern formally-defined programming language targeted at safety-critical, resource-bounded systems. A key feature of H is the clear separation between computation and coordination, achieved through a finite-state-automata based approach, where a purely functional computation layer is embedded into a reactive coordination layer that manages interactions between processes and with th...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017