Abstract
A key challenge of component-based software engineering is to preserve extra-functional properties such as security when composing a software architecture from individual components. Previous work in this area does not consider specific characteristics of cyber-physical systems such as asynchronous message passing, real-time behavior, or so-called feedback composition with two-way communication. As a result, a composition of secure components might lead to an insecure architecture with undetected information leaks. In this paper, we address the preservation of information flow security on composition of cyber-physical systems, taking the above characteristics into account. We refine security policies during the architectural decomposition, and outline a compositional verification approach that checks the security of individual components against their refined policies. On composition of secure components, our approach preserves security and thereby enables the design of secure software architectures. We give a proof of concept using a component-based software architecture of a cyber-manufacturing system.
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Gerking, C., Schubert, D. (2018). Towards Preserving Information Flow Security on Architectural Composition of Cyber-Physical Systems. In: Cuesta, C., Garlan, D., Pérez, J. (eds) Software Architecture. ECSA 2018. Lecture Notes in Computer Science, vol 11048. Springer, Cham. https://doi.org/10.1007/978-3-030-00761-4_10
DOI: https://doi.org/10.1007/978-3-030-00761-4_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00760-7
Online ISBN: 978-3-030-00761-4
eBook Packages: Computer Science (R0)