Formally Verified Credentials Management for Industrial Control Systems
The field of industrial automation is experiencing growth in interconnectivity and digital interaction. This growth is slower than in a consumer segment due to often critical nature of industrial control systems. Security of such systems is an important aspect as malicious behaviors could lead to potential system malfunction, injuries or financial losses. As control networks are becoming more complex, having a robust credential management for system operators and users that could interact with the system components is an essential need. One way of assuring the robustness of the credential management is by using formal methods. In this paper we present a formally verified credential management system for use within industrial control systems. We demonstrate that the credential management can use centralized credential storage with secret passwords available only to system administrators. We use UPPAAL to formally analyze security properties based on requirements defined by our industrial partner and present the viability of formal verification to a real-world industrial case study.
Wed 19 MayDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
14:00 - 15:00
|Formally Verified Credentials Management for Industrial Control Systems|
FormaliSE 2021Pre-print Media Attached
|Improved Bounded Model Checking of Timed Automata|
Robert L. Smith Politecnico di Milano, Marcello Bersani Politecnico di Milano, Italy, Matteo Rossi Politecnico di Milano, Pierluigi San Pietro Politecnico di MilanoPre-print Media Attached