Abstract
Cyber-physical systems (CPS) are heterogeneous inter-operating parts of different aspects that can be physical, technical, networking, and even social like agent operators in smart grids. The main concerns of CPS are ensuring security and well-functioning against attacks that can either be technical or socio-technical based threats. To detail how well security policies are expressed, integrated, and reinforced within a CPS, we rely on formal methods to develop a sound approach that models CPS entities, especially their demeanor and interactions. Further, the approach proposes to specify formally security requirements and policies in CPS. For security analysis, we propose an algorithm that reinforces the specified security policies and also quantifies the validity of requirements for CPS. Finally, we validate the approach on a real case scenario of CPS in the presence of social and technical treats.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ouchani, S.: Ensuring the functional correctness of IoT through formal modeling and verification. In: Abdelwahed, E.H., Bellatreche, L., Golfarelli, M., Méry, D., Ordonez, C. (eds.) MEDI 2018. LNCS, vol. 11163, pp. 401–417. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00856-7_27
Ouchani, S., Ait Mohamed, O., Debbabi, M.: Efficient probabilistic abstraction for SysML activity diagrams. In: Eleftherakis, G., Hinchey, M., Holcombe, M. (eds.) SEFM 2012. LNCS, vol. 7504, pp. 263–277. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33826-7_18
Lenzini, G., Mauw, S., Ouchani, S.: Security analysis of socio-technical physical systems. Comput. Electr. Eng. 47(C), 258–274 (2015)
Hartel, P., van Eck, P., Etalle, S., Wieringa, R.: Modelling mobility aspects of security policies. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 172–191. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30569-9_9
Jaume, M.: Semantic comparison of security policies: from access control policies to flow properties. In: 2012 IEEE Symposium on Security and Privacy Workshops (SPW), pp. 60–67, May 2012
Ranise, S., Traverso, R.: ALPS: an action language for policy specification and automated safety analysis. In: Mauw, S., Jensen, C.D. (eds.) STM 2014. LNCS, vol. 8743, pp. 146–161. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11851-2_10
Tschantz, M.C., Datta, A., Wing, J.M.: Formalizing and enforcing purpose restrictions in privacy policies. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 176–190, May 2012
Bertolissi, C., Fernandez, M.: Time and location based services with access control. In: New Technologies, Mobility and Security, NTMS 2008, pp. 1–6, November 2008
Fong, P.W.L.: Relationship-based access control: protection model and policy language. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, pp. 191–202 (2011)
Ouchani, S., Mohamed, O.A., Debbabi, M.: A security risk assessment framework for SysML activity diagrams. In: 2013 IEEE 7th International Conference on Software Security and Reliability (SERE), pp. 227–236 (2013)
Ouchani, S., Mohamed, O.A., Debbabi, M.: Attacks generation by detecting attack surfaces. Procedia Comput. Sci. 32, 529–536 (2014). The 5th International Conference on Ambient Systems, Networks and Technologies (ANT-2014), the 4th International Conference on Sustainable Energy Information Technology (SEIT-2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ouchani, S. (2020). Towards a Security Reinforcement Mechanism for Social Cyber-Physical Systems. In: Hamlich, M., Bellatreche, L., Mondal, A., Ordonez, C. (eds) Smart Applications and Data Analysis. SADASC 2020. Communications in Computer and Information Science, vol 1207. Springer, Cham. https://doi.org/10.1007/978-3-030-45183-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-45183-7_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45182-0
Online ISBN: 978-3-030-45183-7
eBook Packages: Computer ScienceComputer Science (R0)