A Formally Reliable Cognitive Middleware for the Security of Industrial Control Systems

Author(s)

Khan, Muhammad Taimoor; Serpanos, Dimitrios; Khan, Muhammad; Shrobe, Howard E

Abstract

In this paper, we present our results on the formal reliability analysis of the behavioral correctness of our cognitive middleware ARMET. The formally assured behavioral correctness of a software system is a fundamental prerequisite for the system’s security. Therefore, the goal of this study is to, first, formalize the behavioral semantics of the middleware and, second, to prove its behavioral correctness. In this study, we focus only on the core and critical component of the middleware: the execution monitor. The execution monitor identifies inconsistencies between runtime observations of an industrial control system (ICS) application and predictions of the specification of the application. As a starting point, we have defined the formal (denotational) semantics of the observations (produced by the application at run-time), and predictions (produced by the executable specification of the application). Then, based on the formal semantices, we have formalized the behavior of the execution monitor. Finally, based on the semantics, we have proved soundness (absence of false alarms) and completeness (detection of arbitrary attacks) to assure the behavioral correctness of the monitor. Keywords: run-time monitoring; security monitor; absence of false alarms; ICS; CPS

Date issued

2017-08

URI

http://hdl.handle.net/1721.1/113337

Department

Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory

Journal

Electronics

Publisher

MDPI AG

Citation

Khan, Muhammad et al. "A Formally Reliable Cognitive Middleware for the Security of Industrial Control Systems." Electronics 6, 3 (August 2017): 58 © 2017 The Author(s)

Version: Final published version

ISSN

2079-9292