Formal Modelling and Security Analysis of Inter-Operable Systems

July 2022
Engineering & Digital Tools
Conference paper with proceedings at an international conference
Authors: Hakim Baouya (Verimag), Samir Ouchani (LINEACT), Saddek Bensalem (Verimag)
Conference: The 35th International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems, 18 July 2022

Emerging technologies utilised in building modern systems make them inter-operable but potentially exposed to security threats. Thus, engineers need to consider the system structure and behaviour at the design level. This paper addresses the security risk assessment of inter-operable IoT systems designed in BIP (Behaviour–Interaction–Priority). For this purpose, we model different attack scenarios from the Microsoft STRIDE threat catalogue and identify the threat entry points in the component–port–connector architecture. Using standard communication styles such as message passing, we compose architectural components to model data flow between communicating entities. We use BIP statistical model checking to assess the architecture's conformance to security properties expressed in temporal logic.