| Autor: |
Felix Wiezorek, Frank Schiller, Gerhard Hansch, Jan Wolf, Norbert Wiedermann, Martin Hutle |
| Rok vydání: |
2016 |
| Předmět: |
|
| Zdroj: |
ICS-CSR |
| ISSN: |
1477-9358 |
| DOI: |
10.14236/ewic/ics2016.8 |
| Popis: |
Incomplete information about connectivity and functionality of elements of networked control systems is a challenging issue in applying model-based security analysis in practice. This issue can be addressed by modelling techniques providing inherent mechanisms to describe incomplete information. We present and exemplary demonstrate a new, ontology-based method to adaptively model and analyse networked control systems from a security perspective. Our method allows modelling different parts of the system with different levels of detail. We include a formalism to handle incomplete information by applying iterative extension and iterative refinement of the model where necessary. By using machine-based reasoning on an ontology model of the system, security-relevant information is deduced. During this process, non-obvious attack vectors are identified using a structural analysis of the model and by connecting the model to vulnerability information. |
| Databáze: |
OpenAIRE |
| Externí odkaz: |
|
