
Model Checking the Information Flow Security of Real-Time Systems

  • Conference paper
  • Published in: Engineering Secure Software and Systems (ESSoS 2018)
  • Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 10953)

Abstract

Cyber-physical systems process large amounts of sensitive information, yet are increasingly becoming the target of cyber attacks. It is therefore essential to verify the absence of unauthorized information flow at design time, before the systems are deployed. Our paper addresses this problem by proposing a novel approach to model-check the information flow security of cyber-physical systems represented as timed automata. We describe their transformation into so-called test automata, which reduces the verification to a reachability test carried out with the off-the-shelf model checker Uppaal. In contrast to related work, we analyze the real-time behavior of systems, allowing software engineers to precisely identify timing channels that would enable attackers to draw conclusions from the system's response times. We illustrate the approach by detecting a timing channel in a simplified model of a cyber-manufacturing system.

The stamp on the top of this paper refers to an approval process conducted by the ESSoS Artifact Evaluation Committee.


Notes

  1. http://uppaal.org


Acknowledgments

The authors would like to thank Johannes Geismann and Marie Christin Platenius for helpful comments on drafts of this paper.

Corresponding author

Correspondence to Christopher Gerking.


Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature


Cite this paper

Gerking, C., Schubert, D., Bodden, E. (2018). Model Checking the Information Flow Security of Real-Time Systems. In: Payer, M., Rashid, A., Such, J. (eds.) Engineering Secure Software and Systems. ESSoS 2018. Lecture Notes in Computer Science, vol. 10953. Springer, Cham. https://doi.org/10.1007/978-3-319-94496-8_3


  • DOI: https://doi.org/10.1007/978-3-319-94496-8_3


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-94495-1

  • Online ISBN: 978-3-319-94496-8
