< Back to previous page

Project

An Architecture for the Analysis and Management of Security in Industrial Control Systems.

Cyber-Physical Systems (CPS) are responsible for analysing and controlling a large number of processes such as distribution of gas and electricity, monitoring a nuclear reactor or controlling traffic lights. The last decades these systems have evolved from isolated, proprietary systems to environments that use commercial products, integrated with back-end systems that are often connected with corporate networks and the internet. This evolution has made these systems easier to use and increased their performance, but it has also weakened the security and opened up the systems to attacks from the outside.
The goal of this project is the creation of an architecture for analysing the security of CPS. We develop a new method to automatically draw conclusions regarding the security of the system. We also generate suggestions that support decision taking. Important points in this research are the efficiency and flexibility of the architecture, the quality of the results and the practical usability. The innovative aspect of this approach is found in both the modelling and the analysis. To draw conclusions we use the Imperative Declarative Programming framework, an extension of first order logic. This allows us to extract a large amount of feedback from the model in a simple and automated way.
The modelling strategy and the inferences get validated in two domains on concrete case studies with varying complexity, namely production environments and SCADA systems.

Date:1 Oct 2013 →  1 Mar 2018
Keywords:Vulnerability extraction, System security, Formal modeling, Cyber-Phyiscal Systems
Disciplines:Applied mathematics in specific fields, Computer architecture and networks, Distributed computing, Information sciences, Information systems, Programming languages, Scientific computing, Theoretical computer science, Visual computing, Other information and computing sciences
Project type:PhD project