18 research outputs found
A Formulation of the Potential for Communication Condition using C2KA
An integral part of safeguarding systems of communicating agents from covert
channel communication is having the ability to identify when a covert channel
may exist in a given system and which agents are more prone to covert channels
than others. In this paper, we propose a formulation of one of the necessary
conditions for the existence of covert channels: the potential for
communication condition. Then, we discuss when the potential for communication
is preserved after the modification of system agents in a potential
communication path. Our approach is based on the mathematical framework of
Communicating Concurrent Kleene Algebra (C2KA). While existing approaches only
consider the potential for communication via shared environments, the approach
proposed in this paper also considers the potential for communication via
external stimuli.Comment: In Proceedings GandALF 2014, arXiv:1408.556
Identifying Implicit Component Interactions in Distributed Cyber-Physical Systems
Modern distributed systems and networks, like those found in cyber-physical system domains such as critical infrastructures, contain many complex interactions among their constituent software and/or hardware components. Despite extensive testing of individual components, security vulnerabilities resulting from unintended and unforeseen component interactions (so-called implicit interactions) often remain undetected. This paper presents a method for identifying the existence of implicit interactions in designs of distributed cyber-physical systems using the algebraic modeling framework known as Communicating Concurrent Kleene Algebra (C²KA). Experimental results verifying the applicability of C²KA for identifying dependencies in system designs that would otherwise be very hard to find are also presented. More broadly, this research aims to advance the specification, design, and implementation of distributed cyber-physical systems with improved cybersecurity assurance by providing a new way of thinking about the problem of implicit interactions through the application of formal methods
Investigative Support for Information Confidentiality Part II: Applications in Cryptanalysis and Digital Forensics
AbstractThis is Part II in a two-part series discussing the development of investigative support for information confidentiality. In Part I, we proposed a technique based on relation algebra to detect confidential information leakage via protocol-based covert channels. In this paper, we continue developing investigative support for information confidentiality. We examine the application of the technique for detecting confidential information leakage proposed in Part I in cryptanalysis and digital forensics to highlight its usefulness beyond the scope of covert channel analysis. By way of a short case study, we show the automation of the cryptanalysis application of the technique for detecting confidential information leakage using a prototype tool and a known-plaintext attack
Constructing security cases based on formal verification of security requirements in alloy
International audienceAssuring that security requirements have been met in design phases is less expensive compared with changes after system development. Security-critical systems deployment requires providing security cases demonstrating whether the design adequately incorporates the security requirements. Building arguments and generating evidence to support the claims of an assurance case is of utmost importance and should be done using a rigorous mathematical basis, namely formal methods. In this paper, we propose an approach that uses formal methods to construct security assurance cases. This approach takes a list of security requirements as input and generates security cases to assess their fulfillment. Furthermore, we define security argument patterns supported by the formal verification results presented using the GSN pattern notation. The overall approach is validated through a case study involving an autonomous dron