Ecole d'ingénieur et centre de recherche en Sciences du numérique

Security modeling for embedded system design

Li, Letitia W; Lugou, Florian; Apvrille, Ludovic

GRAMSEC 2017, 4th International Workshop on Graphical Models for Security, co-located with CSF 2017, 21 August 2017, Santa Barbara, CA, United States / Also published in LNCS, Vol. 10744

Among the many recent cyber attacks, the Mirai botnet DDOS attacks were carried out using infected IoTs. To prevent our connected devices from being thus compromised, their security vulnerabilities should be detected and mitigated early. This paper presents how the SysML-Sec Methodology has been enhanced for the evolving graphical modeling of security through the three stages of our embedded system design methodology: Analysis, HW/SW Partitioning, and Software Analysis. The security requirements and attack graphs generated during the Analysis phase determine the sensitive data and attacker model during the HW/SW Partitioning phase. We then accordingly generate a secured model with communication protection modeled using abstract security representations, which can then be translated into a Software/System Design Model. The Software Model is intended as the final detailed model of the system. Throughout the design process, formal verification and simulation evaluate safety, security, and performance of the system.

Doi Hal Bibtex

Titre:Security modeling for embedded system design
Mots Clés:Embedded systems; ProVerif; Formal verification
Type:Conférence
Langue:English
Ville:Santa Barbara
Pays:ÉTATS-UNIS
Date:
Département:Sécurité numérique
Eurecom ref:6012
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in GRAMSEC 2017, 4th International Workshop on Graphical Models for Security, co-located with CSF 2017, 21 August 2017, Santa Barbara, CA, United States / Also published in LNCS, Vol. 10744 and is available at : https://doi.org/10.1007/978-3-319-74860-3_7
Bibtex: @inproceedings{EURECOM+6012, doi = {https://doi.org/10.1007/978-3-319-74860-3_7}, year = {2017}, title = {{S}ecurity modeling for embedded system design}, author = {{L}i, {L}etitia {W} and {L}ugou, {F}lorian and {A}pvrille, {L}udovic}, booktitle = {{GRAMSEC} 2017, 4th {I}nternational {W}orkshop on {G}raphical {M}odels for {S}ecurity, co-located with {CSF} 2017, 21 {A}ugust 2017, {S}anta {B}arbara, {CA}, {U}nited {S}tates / {A}lso published in {LNCS}, {V}ol. 10744}, address = {{S}anta {B}arbara, {\'{E}}{TATS}-{UNIS}}, month = {08}, url = {http://www.eurecom.fr/publication/6012} }
Voir aussi: