CARMEN: A framework for the verification and diagnosis of the specification of security requirements in cyber-physical systems
In the last years, cyber-physical systems (CPS) are receiving substantial mainstream attention especially in industrial environments, but this popularity has been accompanied by serious security challenges. A CPS is a complex system that includes hardware and software components, with different supp...
| Autores: | , , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Estado: | Versión publicada |
| Fecha de publicación: | 2021 |
| País: | España |
| Institución: | Universidad de Sevilla (US) |
| Repositorio: | idUS. Depósito de Investigación de la Universidad de Sevilla |
| OAI Identifier: | oai:idus.us.es:11441/134645 |
| Acceso en línea: | https://hdl.handle.net/11441/134645 https://doi.org/10.1016/j.compind.2021.103524 |
| Access Level: | acceso abierto |
| Palabra clave: | Cyber-physical system Cybersecurity Security Configuration models Security requirements Security verification Diagnosis |
| Sumario: | In the last years, cyber-physical systems (CPS) are receiving substantial mainstream attention especially in industrial environments, but this popularity has been accompanied by serious security challenges. A CPS is a complex system that includes hardware and software components, with different suppliers and connection protocols, forcing complex data management and storage. For this reason, the construction, verification and diagnosis of security CPS become a major challenge, which involves a correct specifica tion of security requirements, the verification of the correct system configurations, and if necessary, the diagnosis to detectthe features to be modified to obtain a security configuration. In this paper, we propose a framework for the verification and diagnosis of security requirements, according to the possible correct configurations of the CPS. The framework is based on the specification of the security requirements and their analysis supported by Model-Driven Engineering and Software Product Line Engineering (SPLE) approaches. To illustrate the usefulness, the proposal has been applied to the security requirements in an Agriculture 4.0 scenario based on automated hydroponic cultivation |
|---|