Skip to main content

On the Security and Complexity of Periodic Systems

Abstract

Recent years have seen a tremendous increase in the reliance of industrial systems on a variety of interconnected components ranging in complexity from simple sensors to more complex cyber-physical and Internet of Things (IoT) devices, a class of systems that is often referred to as Industry 4.0 (I4.0). Increased connectivity and the proliferation of insecure components present an opportunity for cyber attacks that could in practice inflect far-reaching damage. We present in this paper a formal modeling and analysis approach of I4.0 applications and their safety and security properties. We introduce formal models of I4.0 applications as automata systems (AS) expressed as theories in Multiset Rewriting (MSR). We also identify different subclasses of AS, reflecting different types of I4.0 requirements, such as periodicity. Furthermore, we model different levels of threats to the system by proposing a range of intruder models based on the number of actions that intruders can use. These models are used to investigate the complexity of two types of problems: functional correctness (safety) and vulnerability to attacks (security). Finally, we demonstrate that periodic systems are amenable to automated verification by describing an executable specification of these models using the rewriting tool Maude and carrying out various experiments.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Notes

  1. See https://www.youtube.com/watch?v=Tkcv-mbhYqk starting at 55 s for a very small scale version of the PnP.

References

  1. Ademaj et al. Time sensitive networks for flexible manufacturing testbed—description of converged traffic types, IIC white paper 2019.

  2. AlTurki MA, Kanovich M, Ban Kirigin T, Nigam V, Scedrov A, Talcott C. Statistical model checking of distance fraud attacks on the Hancke-Kuhn family of protocols. In: Proceedings of the 2018 workshop on cyber-physical systems security and privacy, 60–71. ACM 2018. https://dl.acm.org/doi/10.1145/3264888.3264895

  3. AlTurki MA, Ban Kirigin T, Kanovich M, Nigam V, Scedrov A, Talcott C. On security analysis of periodic systems: expressiveness and complexity. In: ICISSP 2021-Proceedings of the 7th International Conference on information systems security and privacy. 2021;1:43–54.

  4. Biere A, Cimatti A, Clarke EM, Strichman O, Zhu Y. Bounded model checking. Adv Comput. 2003;58:117–48.

    Article  Google Scholar 

  5. Cyberattack has caused confirmed physical damage for the second time ever. 2015. https://www.wired.com/2015/01/german-steel-mill-hack-destruction/. Accessed 30 Sep 2021

  6. Clavel M, Durán F, Eker S, Lincoln P, Martí-Oliet N, Meseguer J, Talcott C. All about Maude: a high-performance logical framework, volume 4350 of LNCS. Berlin: Springer; 2007.

    MATH  Google Scholar 

  7. Dolev D, Yao A. On the security of public key protocols. IEEE Trans Inf Theory. 1983;29(2):198–208.

    MathSciNet  Article  Google Scholar 

  8. Durgin NA, Lincoln P, Mitchell JC, Scedrov A. Multiset rewriting and the complexity of bounded security protocols. J Comput Secur. 2004;12(2):247–311.

    Article  Google Scholar 

  9. Enderton HB. A mathematical introduction to logic. Cambridge: Academic Press; 1972.

    MATH  Google Scholar 

  10. ENISA. Good practices for security of internet of things in the context of smart manufacturing 2018. https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot. Accessed 30 Sep 2021

  11. Fiat M, et al. OPC UA security analysis 2017. https://opcfoundation.org/wp-content/uploads/2017/04/OPC_UA_security_analysis-OPC-F-Responses-2017_04_21.pdf. Accessed 30 Sep 2021

  12. Kanovich M, Ban Kirigin T, Nigam V, Scedrov A. Bounded memory protocols and progressing collaborative systems. In: Crampton J, Jajodia S, Mayes K, editors. Computer Security—ESORICS. 2013;2013:309–26.

  13. Kanovich MI, Ban Kirigin T, Nigam V, Scedrov A. Bounded memory Dolev-Yao adversaries in collaborative systems. Inf Comput. 2014;238:233–61.

    MathSciNet  Article  Google Scholar 

  14. Kanovich MI, Ban Kirigin T, Nigam V, Scedrov A, Talcott CL, Perovic R. A rewriting framework and logic for activities subject to regulations. Math Struct Comput Sci. 2017;27(3):332–75.

    MathSciNet  Article  Google Scholar 

  15. Kanovich MI, Ban Kirigin T, Nigam V, Scedrov A, Talcott CL. Time, computational complexity, and probability in the analysis of distance-bounding protocols. J Comput Secur. 2017;25(6):585–630.

    Article  Google Scholar 

  16. Kanovich MI, Rowe P, Scedrov A. Collaborative planning with confidentiality. J Autom Reason. 2011;46(3–4):389–421.

    MathSciNet  Article  Google Scholar 

  17. Lanotte R, Merro M, Munteanu A, Viganò L. A formal approach to physics-based attacks in cyber-physical systems. ACM Trans Priv Secur. 2020;23(1):1–41. https://dl.acm.org/doi/10.1145/3373270

    Article  Google Scholar 

  18. Leveson NG, Thomas JP. STPA handbook. 2018. https://psas.scripts.mit.edu/home/get_file.php?name=STPA_handbook.pdf. Accessed 30 Sep 2021

  19. Nigam V, Talcott C. Formal security verification of industry 4.0 applications. In: The 24th IEEE International Conference on emerging technologies and factory automation (ETFA), special track on cybersecurity in industrial control systems, 2019;1043–1050. https://ieeexplore.ieee.org/document/8869428

  20. Nigam V, Talcott C. Automated construction of security integrity wrappers for Industry 4.0 applications. In: The 13th International Workshop on rewriting logic and its applications, volume 12328 of LNCS, 2020; p. 197–215.

  21. Savage JE. Models of computation. Reading: Addison-Wesley; 1998.

    MATH  Google Scholar 

  22. Urquiza AA, AlTurki MA, Kanovich M, Ban Kirigin T, Nigam V, Scedrov A, Talcott C. Resource and timing aspects of security protocols. J Comput Secur. 2021;29(3):299–340.

    Article  Google Scholar 

  23. Urquiza AA, AlTurki MA, Kanovich M, Ban Kirigin T, Nigam V, Scedrov A, Talcott C . Resource-bounded intruders in denial of service attacks. In: 32nd Computer Security Foundations Symposium (CSF), 2019; p. 382–96. IEEE.

  24. Yoong LH, Roop PS, Bhatti ZE, Kupz MMY. Model-driven design using IEC 61499: a synchronous approach for embedded automation systems. Berlin: Springer; 2015.

    Book  Google Scholar 

  25. Zoitl A, Lewis R. Modelling control systems using IEC 61499. In: Control Engineering Series 95. London: The Institution of Electrical Engineers; 2014.         https://www.amazon.com/Modelling-Control-Systems-Robotics-Sensors/dp/1849197601

Download references

Acknowledgements

Ban Kirigin is supported in part by the Croatian Science Foundation under the project UIP-05-2017-9219. The work of Max Kanovich was partially supported by EPSRC Programme Grant EP/R006865/1: “Interface Reasoning for Interacting Systems (IRIS).” Nigam is partially supported by NRL grant N0017317-1-G002, and CNPq grant 303909/2018-8. Scedrov was partially supported by the U. S. Office of Naval Research under award number N00014-20-1-2635. Talcott was partially supported by the U. S. Office of Naval Research under award numbers N00014-15-1-2202 and N00014-20-1-2644, and NRL grant N0017317-1-G002.

Funding

Funding support the authors received is as given in the Acknowledgements paragraph above.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Musab A. Alturki or Tajana Ban Kirigin.

Ethics declarations

Conflict of interest

The authors declare that they have no conflicting or competing interests.

Code availibility

Code developed for this work is available at https://github.com/SRI-CSL/WrapPat.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the topical collection “Information Systems Security and Privacy” guest edited by Steven Furnell and Paolo Mori.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Alturki, M.A., Ban Kirigin, T., Kanovich, M. et al. On the Security and Complexity of Periodic Systems. SN COMPUT. SCI. 3, 356 (2022). https://doi.org/10.1007/s42979-022-01223-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-022-01223-9

Keywords

  • Formal methods
  • Verification
  • Security
  • Multiset rewriting
  • Industry 4.0
  • Complexity