Behavior Based Secure And Resilient System Development presented at deepsec 2017

by Muhammad Taimoor Khan,

Summary : We introduce a design methodology to develop reliable and secure systems based on their functional and non-functional behaviour. The methodology has 3 independent, but complementary, components that employ novel approaches and techniques in the design of reliable and secure systems.
First, we introduce reliable-and-secure-by-design development of secure applications through stepwise sound refinement of an executable specification, employing deductive synthesis to enforce functional and non-functional (e.g. security and safety) properties of the applications.
Second, we present a run-time security monitor at the middleware level that protects system operation in the field through comparison of the application execution and the application specification execution in real-time; the run-time security monitor can be synthesized from the executable specification.
Finally, based on the specification, we perform a vulnerability analysis for false data injection attacks, which leads to application designs that are resilient to this type of attacks. We demonstrate the methodology through its application to a basic and typical industrial control system example application, describing all the tools used and ARMET, the middleware monitor that constitutes the core component of the methodology.