An extensible analysable system model

Christian W. Probst, Rene Rydhof Hansen

    Research output: Contribution to journalJournal articleResearchpeer-review

    Abstract

    Analysing real-world systems for vulnerabilities with respect to security and safety threats is a difficult undertaking, not least due to a lack of availability of formalisations for those systems. While both formalisations and analyses can be found for artificial systems such as software, this does not hold for real physical systems. Approaches such as threat modelling try to target the formalisation of the real-world domain, but still are far from the rigid techniques available in security research. Many currently available approaches to assurance of critical infrastructure security are based on (quite successful) ad-hoc techniques. We believe they can be significantly improved beyond the state-of-the-art by pairing them with static analyses techniques. In this paper we present an approach to both formalising those real-world systems, as well as providing an underlying semantics, which allows for easy development of analyses for the abstracted systems. We briefly present one application of our approach, namely the analysis of systems for potential insider threats.
    Original languageEnglish
    JournalInformation Security Technical Report
    Volume13
    Issue number4
    Pages (from-to)235-246
    ISSN2214-2126
    DOIs
    Publication statusPublished - 2008

    Fingerprint Dive into the research topics of 'An extensible analysable system model'. Together they form a unique fingerprint.

    Cite this