...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>The Journal of Systems and Software >Modeling, analyzing and predicting security cascading attacks in smart buildings systems-of-systems
【24h】

Modeling, analyzing and predicting security cascading attacks in smart buildings systems-of-systems

机译:建模,分析和预测智能建筑系统中的安全级联攻击

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Software systems intelligence and complexity have been continuously increasing to deliver more and more features to support business critical and mission critical processes in numerous domains such as defense, health-care, and smart cities. Contemporary software-based solutions are composed of several software systems, that form System-of-Systems (SoS). SoS differentiating characteristics, such as emergent behavior, introduce specific issues that render their security modeling, simulation and analysis a critical challenge. The aim of this work is to investigate how Software Engineering (SE) approaches can be leveraged to model and analyze secure SoS solutions for predicting high impact (cascading) attacks at the architecture stage. In order to achieve this objective, we propose a Model Driven Engineering method, Systems-of-Systems Security (SoSSec), that comprises: (1) a modeling language (SoSSecML) for secure SoS modeling and (2) Multi-Agent Systems (MAS) for security analysis of SoS architectures. To illustrate our proposed approach in terms of modeling, simulating, and discovering attacks, we have conducted a case study on a real-life smart building SoS, the Adelaide University Health and Medical School (AHMS). The results from this case study demonstrate that our proposed method discovers cascading attacks comprising of a number of individual attacks, such as a Denial of Service, that arise from a succession of exploited vulnerabilities through interactions among the constituent systems of SoS. In future work, we intend to extend SoSSec to address diverse unknown emergent behaviors and non-functional properties such as safety and trust.
机译:软件系统的智能性和复杂性一直在不断提高,以提供越来越多的功能来支持众多领域的业务关键和任务关键流程,例如国防,医疗保健和智慧城市。当代的基于软件的解决方案由几个软件系统组成,这些系统构成了系统级系统(SoS)。 SoS的差异化特征(例如紧急行为)引入了特定的问题,这些问题使其安全性建模,仿真和分析成为一个严峻的挑战。这项工作的目的是研究如何利用软件工程(SE)方法来建模和分析安全的SoS解决方案,以在架构阶段预测高影响(级联)攻击。为了实现此目标,我们提出了一种模型驱动工程方法,即系统安全性(SoSSec),该方法包括:(1)用于安全SoS建模的建模语言(SoSSecML)和(2)多Agent系统( MAS)用于SoS体系结构的安全性分析。为了在建模,模拟和发现攻击方面说明我们提出的方法,我们对一个现实生活中的智能建筑SoS(阿德莱德大学健康与医学院)进行了案例研究。此案例研究的结果表明,我们提出的方法发现了由许多单独的攻击组成的级联攻击,例如拒绝服务,这些攻击是通过SoS组成系统之间的相互作用而利用一系列漏洞而引起的。在未来的工作中,我们打算扩展SoSSec,以解决各种未知的突发行为和非功能特性,例如安全性和信任。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号