Search

Searching. Please wait…

Onto-CARMEN: ontology-driven approach for Cyber-Physical System Security Requirements meta-modelling and reasoning

Abstract: In the last years, Cyber-physical systems (CPS) have attracted substantial mainstream, especially in the industrial sector, since they have become the focus of cyber-attacks. CPS are complex systems that encompass a great variety of hardware and software components with a countless number of configurations and features. For this reason, the construction, validation, and diagnosis of security in CPS become a major challenge. An invalid security requirement for the CPS can produce partial or incomplete configuration, even misconfigurations, and hence catastrophic consequences. Therefore, it is crucial to ensure the validation of the security requirements specification from the earlier design stages. To this end, Onto-CARMEN is proposed, a semantic approach that enables the automatic verification and diagnosis of security requirements according to the ENISA and OWASP recommendations. Our approach provides a mechanism for the specification of security requirements on top of ontologies, and automatic diagnosis through semantic axioms and SPARQL rules. The approach has been validated using security requirements from a real case study.

 Fuente: Internet of Things, 2023, 24, 100989

 Publisher: Elsevier

 Publication date: 01/12/2023

 No. of pages: 16

 Publication type: Article

 DOI: 10.1016/j.iot.2023.100989

 ISSN: 2542-6605,2543-1536

 Spanish project: TED2021-130355B-C31

 Publication Url: https://doi.org/10.1016/j.iot.2023.100989

Authorship

ROSADO, DAVID G.

VARELA VACA, ÁNGEL JESÚS

MARIA TERESA GOMEZ LOPEZ

FERNÁNDEZ MEDINA, EDUARDO