Security Analysis: From Model to System Analysis

Bastien Drouot, Valery Monthe, Sylvain Guérin, Joel Champeau

Risks and Security of Internet and Systems (2023)

Abstract
There is a wide range of security solutions for cyber-physical systems, most aimed at preventing an adversary from gaining access to the system. However, to make a cyber-physical system more resilient and discover possible attack scenarios, it is necessary to analyze systems by taking into account their interactions with their environment. Standard formal analysis approaches are based on a model of the system. From a quantitative and qualitative point of view, the results of these analyses depend on the model abstraction relative to the system. Usually, property verification is performed with formulas expressed in specific logics such as LTL or CTL. One of the problems is the semantic gap between textual requirements and these formalisms. In a security context, attacker interests must also be taken into account when expressing properties, in addition to system requirements. In this article we propose an approach for analyzing a real cyber-physical system while taking into account the interests of an attacker and reducing the semantic gap between the textual requirements and logic formulas. The proposed methodology relies on property specification patterns and the specification of an interface related to the state of the deployed embedded software. The motivating example used in this article comes from an industrial partner in a collaborative project.
Keywords
system analysis,security,model