Applying the Isabelle insider framework to airplane security

Kammueller, Florian ORCID: https://orcid.org/0000-0001-5839-5488 and Kerber, Manfred (2021) Applying the Isabelle insider framework to airplane security. Science of Computer Programming . ISSN 0167-6423 [Article] (Accepted/In press)

[img] PDF - Final accepted version (with author's formatting)
Restricted to Repository staff and depositor only
Available under License Creative Commons Attribution-NonCommercial-NoDerivatives.

Download (477kB) |

Abstract

Avionics is one of the fields in which verification methods have been pioneered and brought about a new level of reliability to systems used in safety-critical environments. Tragedies, like the 2015 insider attack on a German airplane, in which all 150 people on board died, show that safety and security crucially depend not only on the well-functioning of systems but also on the way humans interact with the systems. Policies are a way to describe how humans should behave in their interactions with technical systems. Formal reasoning about such policies requires integrating the human factor into the verification process. In this paper, we report on our work on using logical modelling and analysis of infrastructure models and policies with actors to scrutinize security policies in the presence of insiders. An insider is a user of a system who behaves like an attacker abusing privileges thereby bypassing security controls. We model insider attacks on airplanes in the Isabelle Insider framework. This application motivates the use of an extension of the framework with Kripke structures and the temporal logic CTL to enable reasoning on dynamic system states. Furthermore, we illustrate that Isabelle modelling and invariant reasoning reveal subtle security assumptions. This results in a methodology for the development of policies that satisfy stated properties. To contrast our approach to model checking, we provide an additional comparative analysis.

Item Type: Article
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 32127
Notes on copyright: © 2021. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 22 Feb 2021 08:52
Last Modified: 22 Feb 2021 08:52
URI: https://eprints.mdx.ac.uk/id/eprint/32127

Actions (login required)

View Item View Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year