Formal Modelling and Security Analysis of Inter-Operable Systems
Conférence : Communications avec actes dans un congrès international
Emerging technologies utilised in building modern systems make
them inter-operable but potentially exposed to security threats. Thus, engineers need to consider the system structure and behaviour at the design level.
This paper addresses the security risk assessment of inter-operable IoT systems designed in BIP (Behaviour–Interaction–Priority). For this purpose, we
model different attacks scenarios from Microsoft STRIDE threats catalogue
and identify the threats entry points in the component–port–connector architecture. Using standards communication styles such as message passing, we
compose architectural components to model data flow between communication entities. We use BIP statistical model checking to assess the architecture
conformance regarding security properties expressed in temporal logic.