W-Sec: A Model-Based Formal Method for Assessing the Impacts of Security Countermeasures

Conference paper, in: Model-Driven Engineering and Software Development (MODELSWARD 2021, MODELSWARD 2022)

Abstract

The chapter provides a detailed description of W-Sec, a formal model-based method for assessing the impacts of countermeasures. It also introduces a new formal definition of the two SysML profiles used in SysML-Sec and W-Sec, enabling (i) the future automation of several W-Sec stages and (ii) the definition of consistency rules ensuring the consistency of the models written in these two distinct modeling languages. In addition, the chapter evaluates W-Sec on a new Industry 4.0 case study and discusses the strengths and the current limitations of the approach in this new application field.


Notes

  1. A countermeasure refers in our works to any modification brought to a system in order to mitigate one or several vulnerabilities. It can be a modification of the system’s software, hardware, processes, and/or of its physical, logical and network architecture.

  2. Impact refers to positive impacts (i.e., efficiency) as well as to negative impacts (i.e., regressions).

  3. https://itm-factory.fr/index.php/objectif_et_visite_360/.

  4. Supervisory Control and Data Acquisition system.

  5. https://ttool.telecom-paris.fr/.

  6. “\(\sqcup\)” denotes the disjoint union.

  7. Note that in this view, data are abstracted: we do not model data values, and the profile of a data signal is an integer representing the amount of transferred data. Moreover, computations (exec, wait, ...) are abstracted by their complexity (a duration) in one single “delay” operation.

  8. System models may also include some blocks and signals modeling the system’s environment.

  9. A component is a piece of equipment of the system. For instance, the components of IT’m Factory’s packaging chain include the PLC, the two switches, the local control panel, etc.

  10. means that f is an injective application from E to F.

  11. I.e., the models of the components on which the countermeasures described by \(\mathbf{M_P}\) are deployed and that are targeted by the attack scenarios described by \(\mathbf{M_A}\).

  12. These operators are actions over transitions in the tasks’ activity diagrams (see Def. 7).

  13. Each figure is an average of 10 consecutive measurements.

  14. Strictly speaking, symmetric encryption does not provide integrity. However, our verification environment assumed that if a ciphered message is modified by an attacker, the receiver will notice that the deciphered text is inconsistent.
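As an added illustration of this footnote's caveat (not code from the chapter or from TTool), the following Python shows that a confidentiality-only symmetric cipher lets a modified ciphertext decrypt to a perfectly well-formed plaintext, so a receiver has no reliable way to notice the change, and that an encrypt-then-MAC construction is the check that closes the gap. The hash-based keystream and the `VALVE=1` message are constructed stand-ins for a real cipher and a real control command.

```python
import hashlib
import hmac

# Constructed illustration (not the chapter's code) of the footnote's caveat:
# a confidentiality-only symmetric cipher is malleable, so a receiver gets no
# reliable signal that a ciphertext was altered. The keystream is a hypothetical
# hash-based stand-in for a real stream/CTR-mode cipher; the malleability is the same.

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` pseudorandom bytes from key, nonce and a block counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; XOR is its own inverse, so this also decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))

def alter_byte(ciphertext: bytes, pos: int, old: int, new: int) -> bytes:
    """Without the key, make the decrypted byte at pos change from old to new.
    This is the assessor's test case for the footnote's assumption: the result
    decrypts to a consistent message, so the receiver cannot tell it was altered."""
    c = bytearray(ciphertext)
    c[pos] ^= old ^ new
    return bytes(c)

def seal(key_enc: bytes, key_mac: bytes, nonce: bytes, data: bytes) -> tuple[bytes, bytes]:
    """Encrypt-then-MAC: the tag binds nonce and ciphertext, providing integrity."""
    ct = encrypt(key_enc, nonce, data)
    tag = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    return ct, tag

def open_sealed(key_enc: bytes, key_mac: bytes, nonce: bytes, ct: bytes, tag: bytes):
    """Return the plaintext, or None when the tag does not verify (tampering detected)."""
    expected = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return encrypt(key_enc, nonce, ct)
```

In a W-Sec model this is the difference between a countermeasure modeled as "encrypt" and one modeled as "encrypt and authenticate": only the latter justifies the assumption that a modified message is rejected.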


Corresponding author: Bastien Sultan.

Copyright information

© 2023 Springer Nature Switzerland AG


Cite this paper

Sultan, B., Apvrille, L., Jaillon, P., Coudert, S. (2023). W-Sec: A Model-Based Formal Method for Assessing the Impacts of Security Countermeasures. In: Pires, L.F., Hammoudi, S., Seidewitz, E. (eds) Model-Driven Engineering and Software Development. MODELSWARD 2021, MODELSWARD 2022. Communications in Computer and Information Science, vol 1708. Springer, Cham. https://doi.org/10.1007/978-3-031-38821-7_10


  • DOI: https://doi.org/10.1007/978-3-031-38821-7_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38820-0

  • Online ISBN: 978-3-031-38821-7

  • eBook Packages: Computer Science (R0)
