Formally Verified Credentials Management for Industrial Control Systems

Research output: Contribution to book/anthology/report/proceedingArticle in proceedingsResearchpeer-review

226 Downloads (Pure)

Abstract

The field of industrial automation is experiencing growth in interconnectivity and digital interaction. This growth is slower than in a consumer segment due to often critical nature of industrial control systems. Security of such systems is an important aspect as malicious behaviors could lead to potential system malfunction, injuries or financial losses. As control networks are becoming more complex, having a robust credential management for system operators and users that could interact with the system components is an essential need. One way of assuring the robustness of the credential management is by using formal methods. In this paper we present a formally verified credential management system for use within industrial control systems. We demonstrate that the credential management can use centralized credential storage with secret passwords available only to system administrators. We use UPPAAL to formally analyze security properties based on requirements defined by our industrial partner and present the viability of formal verification to a real-world industrial case study.

Original languageEnglish
Title of host publicationProceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021 : 9th IEEE/ACM International Conference on Formal Methods in Software Engineering
Number of pages11
PublisherIEEE
Publication date2021
Pages75-85
ISBN (Print)978-1-6654-2984-9
ISBN (Electronic)978-1-6654-3913-8
DOIs
Publication statusPublished - 2021
EventFormaliSE 2021: International Conference on Formal Methods in Software Engineering - Virtual, Madrid, Spain
Duration: 22 May 202130 May 2021
https://www.formalise.org/

Conference

ConferenceFormaliSE 2021
LocationVirtual
Country/TerritorySpain
CityMadrid
Period22/05/202130/05/2021
Internet address

Keywords

  • Credential management
  • Formal verification
  • Model checking
  • UPPAAL

Fingerprint

Dive into the research topics of 'Formally Verified Credentials Management for Industrial Control Systems'. Together they form a unique fingerprint.

Cite this