Modelling and Verification of Safety of Access Control in SCADA Systems

Inna Vistbakka; Elena Troubitsyna

doi:10.1007/978-3-030-68887-5_23

Modelling and Verification of Safety of Access Control in SCADA Systems

Inna Vistbakka, Elena Troubitsyna^*

^*Corresponding author for this work

Information Technology

Research output: Chapter in Book/Conference proceeding › Conference contribution › Scientific › peer-review

2 Citations (Scopus)

Abstract

Modern safety-critical systems become increasingly networked and interconnected. To ensure their safety, the designers should guarantee not only that the critical parameters are accessed and modified by authorised users and components but also that the permitted operations should not violate safety. Traditionally, the designers rely on Role-Based Access Control (RBAC) to define the access to the system parameters. In this paper, we define a safety-aware RBAC model that takes into account current system state and safety of intended actions. Our approach relies on contract-based reasoning and formal modelling in Event-B. The approach is illustrated by a case study – a supervised control of a power switch.

Original language	English
Title of host publication	Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers
Editors	Joaquin Garcia-Alfaro, Jean Leneutre, Nora Cuppens, Reda Yaich
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	354-364
Number of pages	11
ISBN (Print)	9783030688868
DOIs	https://doi.org/10.1007/978-3-030-68887-5_23
Publication status	Published - 2021
MoE publication type	A4 Article in a conference publication
Event	15th International Conference on Risks and Security of Internet and Systems, CRISIS 2020 - Virtual, Online Duration: 4 Nov 2020 → 6 Nov 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12528 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	15th International Conference on Risks and Security of Internet and Systems, CRISIS 2020
City	Virtual, Online
Period	04/11/20 → 06/11/20

Access to Document

10.1007/978-3-030-68887-5_23

Cite this

Vistbakka, I., & Troubitsyna, E. (2021). Modelling and Verification of Safety of Access Control in SCADA Systems. In J. Garcia-Alfaro, J. Leneutre, N. Cuppens, & R. Yaich (Eds.), Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers (pp. 354-364). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12528 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-68887-5_23

Vistbakka, Inna ; Troubitsyna, Elena. / Modelling and Verification of Safety of Access Control in SCADA Systems. Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers. editor / Joaquin Garcia-Alfaro ; Jean Leneutre ; Nora Cuppens ; Reda Yaich. Springer Science and Business Media Deutschland GmbH, 2021. pp. 354-364 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{ab2b6da2254047e19ff609d045f7376d,

title = "Modelling and Verification of Safety of Access Control in SCADA Systems",

abstract = "Modern safety-critical systems become increasingly networked and interconnected. To ensure their safety, the designers should guarantee not only that the critical parameters are accessed and modified by authorised users and components but also that the permitted operations should not violate safety. Traditionally, the designers rely on Role-Based Access Control (RBAC) to define the access to the system parameters. In this paper, we define a safety-aware RBAC model that takes into account current system state and safety of intended actions. Our approach relies on contract-based reasoning and formal modelling in Event-B. The approach is illustrated by a case study – a supervised control of a power switch.",

author = "Inna Vistbakka and Elena Troubitsyna",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 15th International Conference on Risks and Security of Internet and Systems, CRISIS 2020 ; Conference date: 04-11-2020 Through 06-11-2020",

year = "2021",

doi = "10.1007/978-3-030-68887-5_23",

language = "English",

isbn = "9783030688868",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "354--364",

editor = "Joaquin Garcia-Alfaro and Jean Leneutre and Nora Cuppens and Reda Yaich",

booktitle = "Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers",

}

Vistbakka, I & Troubitsyna, E 2021, Modelling and Verification of Safety of Access Control in SCADA Systems. in J Garcia-Alfaro, J Leneutre, N Cuppens & R Yaich (eds), Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12528 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 354-364, 15th International Conference on Risks and Security of Internet and Systems, CRISIS 2020, Virtual, Online, 04/11/20. https://doi.org/10.1007/978-3-030-68887-5_23

Modelling and Verification of Safety of Access Control in SCADA Systems. / Vistbakka, Inna; Troubitsyna, Elena.
Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers. ed. / Joaquin Garcia-Alfaro; Jean Leneutre; Nora Cuppens; Reda Yaich. Springer Science and Business Media Deutschland GmbH, 2021. p. 354-364 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12528 LNCS).

Research output: Chapter in Book/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Modelling and Verification of Safety of Access Control in SCADA Systems

AU - Vistbakka, Inna

AU - Troubitsyna, Elena

PY - 2021

Y1 - 2021

N2 - Modern safety-critical systems become increasingly networked and interconnected. To ensure their safety, the designers should guarantee not only that the critical parameters are accessed and modified by authorised users and components but also that the permitted operations should not violate safety. Traditionally, the designers rely on Role-Based Access Control (RBAC) to define the access to the system parameters. In this paper, we define a safety-aware RBAC model that takes into account current system state and safety of intended actions. Our approach relies on contract-based reasoning and formal modelling in Event-B. The approach is illustrated by a case study – a supervised control of a power switch.

AB - Modern safety-critical systems become increasingly networked and interconnected. To ensure their safety, the designers should guarantee not only that the critical parameters are accessed and modified by authorised users and components but also that the permitted operations should not violate safety. Traditionally, the designers rely on Role-Based Access Control (RBAC) to define the access to the system parameters. In this paper, we define a safety-aware RBAC model that takes into account current system state and safety of intended actions. Our approach relies on contract-based reasoning and formal modelling in Event-B. The approach is illustrated by a case study – a supervised control of a power switch.

UR - http://www.scopus.com/inward/record.url?scp=85102624848&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-68887-5_23

DO - 10.1007/978-3-030-68887-5_23

M3 - Conference contribution

AN - SCOPUS:85102624848

SN - 9783030688868

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 354

EP - 364

BT - Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers

A2 - Garcia-Alfaro, Joaquin

A2 - Leneutre, Jean

A2 - Cuppens, Nora

A2 - Yaich, Reda

PB - Springer Science and Business Media Deutschland GmbH

T2 - 15th International Conference on Risks and Security of Internet and Systems, CRISIS 2020

Y2 - 4 November 2020 through 6 November 2020

ER -

Vistbakka I, Troubitsyna E. Modelling and Verification of Safety of Access Control in SCADA Systems. In Garcia-Alfaro J, Leneutre J, Cuppens N, Yaich R, editors, Risks and Security of Internet and Systems - 15th International Conference, CRiSIS 2020, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2021. p. 354-364. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-68887-5_23

Modelling and Verification of Safety of Access Control in SCADA Systems

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this