Model-based real-time evaluation of security patterns: A SCADA system case study

Abstract

Securing critical systems such as cyber physical systems (CPS) is an important feature especially when it comes to critical transmitted data. At the same time, the implementation of security counter-measures in such systems may impact other functional or non-functional concerns. In this context, we propose a model-based approach for securing critical systems at early design stage. This approach combines security analysis and mitigation solution proposals with multi-concern architectural evaluation. It exploits two views of security countermeasures patterns: abstract and concrete. The abstract view is used to select relevant solutions to security requirements on a logical point of view. Then, the concrete view helps the architect evaluating different possible implementation alternatives against other design constraints. The modeling is based on accepted OMG standards such as UML and MARTE. In this paper, the approach is illustrated on a SCADA (Supervisory Control and Data Acquisition) system case study and a tool chain based on Papyrus UML supports the approach.