KLAIM: A Kernel Language for Agents Interaction and Mobility
IEEE Transactions on Software Engineering
Theoretical Computer Science
Principles of Program Analysis
Principles of Program Analysis
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Reducing normative conflicts in information security
Proceedings of the 2011 workshop on New security paradigms workshop
A move in the security measurement stalemate: elo-style ratings to quantify vulnerability
Proceedings of the 2012 workshop on New security paradigms
| Hi-index | 0.00 |
Analysing real-world systems for vulnerabilities with respect to security and safety threats is a difficult undertaking, not least due to a lack of availability of formalisations for those systems. While both formalisations and analyses can be found for artificial systems such as software, this does not hold for real physical systems. Approaches such as threat modelling try to target the formalisation of the real-world domain, but still are far from the rigid techniques available in security research. Many currently available approaches to assurance of critical infrastructure security are based on (quite successful) ad-hoc techniques. We believe they can be significantly improved beyond the state-of-the-art by pairing them with static analyses techniques. In this paper we present an approach to both formalising those real-world systems, as well as providing an underlying semantics, which allows for easy development of analyses for the abstracted systems. We briefly present one application of our approach, namely the analysis of systems for potential insider threats.