Applying the Isabelle Insider Framework to Airplane Security
arXiv - CS - Logic in Computer Science Pub Date : 2020-03-26 , DOI: arxiv-2003.11838 Florian Kammüller and Manfred Kerber
Avionics is one of the fields in which verification methods have been pioneered and brought a new level of reliability to systems used in safety-critical environments. Tragedies like the 2015 insider attack on a German airplane, in which all 150 people on board died, show that safety and security crucially depend not only on systems functioning well but also on the way humans interact with them. Policies are a way to describe how humans should behave in their interactions with technical systems; formal reasoning about such policies requires integrating the human factor into the verification process. In this paper, we report on our work on using logical modelling and analysis of infrastructure models and policies with actors to scrutinize security policies in the presence of insiders. We model insider attacks on airplanes in the Isabelle Insider framework. This application motivates the use of an extension of the framework with Kripke structures and the temporal logic CTL to enable reasoning about dynamic system states. Furthermore, we illustrate that Isabelle modelling and invariant reasoning reveal subtle security assumptions. We summarize by providing a methodology for the development of policies that satisfy stated properties.
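The abstract refers to extending the framework with Kripke structures and the temporal logic CTL so that properties of dynamic system states can be checked, and to invariant reasoning exposing hidden assumptions. The following Python script is an added illustration of that technique, not code from the paper or from the Isabelle Insider framework: it builds a small explicit-state Kripke structure (two actors, pilot and copilot; two locations, cockpit and cabin; a door that is open or locked) and evaluates CTL formulas over it by fixpoint iteration. The state encoding, the transition rules in `successors`, the two-person locking policy and the names `K_FREE`, `K_POLICY` and `ALONE_LOCKED` are all assumptions made for this example.

```python
"""Explicit-state CTL checking over a small Kripke structure of actors, locations
and a cockpit door. The encoding, transition rules and policy are assumptions
made for this illustration, not the paper's Isabelle theory."""
from typing import Callable, Dict, FrozenSet, List, Optional, Set, Tuple

State = Tuple[str, str, str]   # (pilot location, copilot location, door) - assumed
ACTORS = (0, 1)                # tuple indices: 0 = pilot, 1 = copilot
INIT: State = ("cockpit", "cockpit", "open")

def successors(s: State, two_person_lock: bool) -> Set[State]:
    """Assumed semantics: actors move between cabin and cockpit through the door,
    which is locked/unlocked only from inside the cockpit. With two_person_lock
    the policy also requires two actors inside before the door may be locked."""
    nxt: Set[State] = set()
    door = s[2]
    inside = [a for a in ACTORS if s[a] == "cockpit"]
    for a in ACTORS:
        if door != "open":
            break                       # nobody passes a locked door
        t = list(s)
        t[a] = "cabin" if s[a] == "cockpit" else "cockpit"
        nxt.add((t[0], t[1], t[2]))
    if inside:                          # door controls only from inside
        if door == "locked":
            nxt.add((s[0], s[1], "open"))
        elif not two_person_lock or len(inside) >= 2:
            nxt.add((s[0], s[1], "locked"))
    return nxt

class Kripke:
    """Reachable state space and transition relation generated from init."""
    def __init__(self, init: State, step: Callable[[State], Set[State]]):
        self.init = init
        self.R: Dict[State, Set[State]] = {}
        frontier = [init]
        while frontier:
            s = frontier.pop()
            if s not in self.R:
                self.R[s] = step(s)
                frontier.extend(self.R[s])
        self.states: FrozenSet[State] = frozenset(self.R)

    def pre(self, target: FrozenSet[State]) -> FrozenSet[State]:
        """States with some successor in target (the EX operator)."""
        return frozenset(s for s, succ in self.R.items() if succ & target)

# Formulas as nested tuples: ("atom", pred), ("not", f), ("and", f, g),
# ("EX", f), ("EU", f, g), ("EF", f), ("AG", f).
def sat(k: Kripke, f: tuple) -> FrozenSet[State]:
    """States of k satisfying f; EU is computed as a least fixpoint."""
    op = f[0]
    if op == "atom":
        return frozenset(s for s in k.states if f[1](s))
    if op == "not":
        return k.states - sat(k, f[1])
    if op == "and":
        return sat(k, f[1]) & sat(k, f[2])
    if op == "EX":
        return k.pre(sat(k, f[1]))
    if op == "EU":                      # Z = g | (f & EX Z) until stable
        F, G = sat(k, f[1]), sat(k, f[2])
        Z = G
        while (Zn := G | (F & k.pre(Z))) != Z:
            Z = Zn
        return Z
    if op == "EF":                      # EF f == E[true U f]
        return sat(k, ("EU", ("atom", lambda _s: True), f[1]))
    if op == "AG":                      # AG f == not EF not f
        return sat(k, ("not", ("EF", ("not", f[1]))))
    raise ValueError(f"unknown operator {op!r}")

def holds(k: Kripke, f: tuple) -> bool:
    return k.init in sat(k, f)

def witness(k: Kripke, f: tuple) -> Optional[List[State]]:
    """Shortest path (BFS) from the initial state into sat(k, f), or None."""
    goal, parent, queue = sat(k, f), {k.init: None}, [k.init]
    for s in queue:
        if s in goal:
            path: List[State] = []
            while s is not None:
                path.append(s)
                s = parent[s]
            return path[::-1]
        for t in k.R[s]:
            if t not in parent:
                parent[t] = s
                queue.append(t)
    return None

# Attack state: exactly one actor inside with the door locked (assumed definition).
ALONE_LOCKED = ("atom", lambda s: s[2] == "locked" and (s[0], s[1]).count("cockpit") == 1)
K_FREE = Kripke(INIT, lambda s: successors(s, two_person_lock=False))
K_POLICY = Kripke(INIT, lambda s: successors(s, two_person_lock=True))

if __name__ == "__main__":
    print("no policy:  EF alone_locked =", holds(K_FREE, ("EF", ALONE_LOCKED)))
    print("no policy:  trace =", witness(K_FREE, ALONE_LOCKED))
    print("two-person: AG not alone_locked =", holds(K_POLICY, ("AG", ("not", ALONE_LOCKED))))
```

Without the policy, `EF alone_locked` holds and `witness` returns the three-state trace in which one actor steps out and the other locks the door; under the two-person locking rule, `AG not alone_locked` holds over the whole reachable state space. The invariant rests entirely on what `successors` assumes (door controls only reachable from inside, locking only with two present); relaxing either assumption reintroduces a witness trace, which is the kind of hidden assumption the abstract says invariant reasoning brings to light. The paper proves such invariants in Isabelle over the framework's Kripke structures, whereas this script brute-forces a finite state space.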
Updated: 2020-03-27