
Security Architecture and Specification Framework for Safe and Secure Industrial Automation

Conference paper. In: Critical Information Infrastructures Security (CRITIS 2015)

Abstract

Today, policy specification and enforcement mechanisms are often interwoven with the industrial control processes on which the security policy is enforced. This leads to interference and non-secure behaviour, and it increases the system's attack surface. This paper presents a security system architecture and a framework in which the processes, the policies, and their enforcement are strictly separated. The security architecture follows separation and least-privilege principles. The policy framework is based on a formal language and on tools that specify and generate components for the security architecture. We illustrate our approach on a technological process and show how this solution is implemented in practice, where security requirements are combined with safety requirements such as real-time behaviour, worst-case execution time, and certification.



Acknowledgement

A part of the research leading to these results has received funding from the European Union’s Seventh Framework Programme (FP7/2007-2013) grant agreement no. 318353 (EURO-MILS, http://www.euromils.eu).

Author information

Corresponding author: Ekaterina Rudina.

Copyright information

© 2016 Springer International Publishing Switzerland

Cite this paper

Tverdyshev, S., Blasum, H., Rudina, E., Kulagin, D., Dyakin, P., Moiseev, S. (2016). Security Architecture and Specification Framework for Safe and Secure Industrial Automation. In: Rome, E., Theocharidou, M., Wolthusen, S. (eds) Critical Information Infrastructures Security. CRITIS 2015. Lecture Notes in Computer Science, vol 9578. Springer, Cham. https://doi.org/10.1007/978-3-319-33331-1_1

  • DOI: https://doi.org/10.1007/978-3-319-33331-1_1
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-33330-4
  • Online ISBN: 978-3-319-33331-1