- Formal Methods in Verification
- Petri Nets in System Modeling
- Security and Verification in Computing
- Distributed systems and fault tolerance
- Logic, programming, and type systems
- Semigroups and automata theory
- Smart Grid Security and Resilience
- Advanced Malware Detection Techniques
- Information and Cyber Security
- Logic, Reasoning, and Knowledge
- Network Security and Intrusion Detection
- Embedded Systems Design Techniques
- Internet Traffic Analysis and Secure E-voting
- Service-Oriented Architecture and Web Services
- Advanced Authentication Protocols Security
- Physical Unclonable Functions (PUFs) and Hardware Security
- Semantic Web and Ontologies
- Safety Systems Engineering in Autonomy
- Modular Robots and Swarm Intelligence
- Fault Detection and Control Systems
- Business Process Modeling and Analysis
- Software Testing and Debugging Techniques
- Access Control and Trust
- Machine Learning and Algorithms
- Security in Wireless Sensor Networks
University of Insubria
2014-2024
University of Pisa
2000-2004
Institute for Research on Population and Social Policies
2004
We apply formal methods to lay and streamline theoretical foundations to reason about Cyber-Physical Systems (CPSs) and cyber-physical attacks. We focus on integrity and DoS attacks to sensors and actuators of CPSs, and on the timing aspects of these attacks. Our contributions are threefold: (1) we define a hybrid process calculus to model both CPSs and cyber-physical attacks; (2) we define a threat model of cyber-physical attacks and provide the means to assess attack tolerance/vulnerability with respect to a given attack; (3) we formalise how to estimate the impact of a successful attack on a CPS and investigate possible quantifications of the success...
We apply formal methods to lay and streamline theoretical foundations to reason about Cyber-Physical Systems (CPSs) and physics-based attacks, i.e., attacks targeting physical devices. We focus on a treatment of both integrity and denial of service attacks to sensors and actuators of CPSs, and on the timing aspects of these attacks. Our contributions are fourfold. (1) We define a hybrid process calculus to model both CPSs and physics-based attacks. (2) We formalise a threat model that specifies MITM attacks that can manipulate sensor readings or control commands to drive a CPS into an undesired state;...
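We propose both an SOS transition rule format for the generative model of probabilistic processes, and an SOS transition rule format for the reactive model of probabilistic processes. Our formats guarantee that bisimulation is a congruence with respect to process algebra operations. Moreover, our format for generative process algebras guarantees that the probabilities of the moves of a given process, if there are any, sum up to 1, and our format for reactive process algebras guarantees that the probabilities of the moves of a given process labeled with the same action, if there are any, sum up to 1. We show that most operations studied in the literature are captured by our formats, which, therefore, have practical applications.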
With the explosion of Industry 4.0, industrial facilities and critical infrastructures are transforming into "smart" systems that dynamically adapt to external events. The result is an ecosystem of heterogeneous physical and cyber components, such as programmable logic controllers, which are more and more exposed to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes at the core of industrial control systems. We apply runtime enforcement techniques, based on an ad-hoc sub-class of Ligatti et al.'s...
With the advent of Industry 4.0, industrial facilities and critical infrastructures are transforming into an ecosystem of heterogeneous physical and cyber components, such as programmable logic controllers, increasingly interconnected and therefore exposed to cyber-physical attacks, i.e., security breaches in cyberspace that may adversely affect the physical processes underlying industrial control systems. In this article, we propose a formal approach based on runtime enforcement to ensure specification compliance in networks...
We are interested in describing timed systems that exhibit probabilistic behaviors. To this purpose, we define a model of probabilistic timed automata and give a concept of weak bisimulation together with an algorithm to decide it. We use the model for analyzing a probabilistic non-repudiation protocol in a timed setting.
In multilevel systems, it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely, the so-called covert channels. Initial studies of information flow analysis were performed by abstracting away from time and probability. It is already known that systems that are proven to be secure in a possibilistic framework may turn out to be insecure when time or probability are considered. Recently, work has been done in order to consider also aspects either of time or of probability, but not both. In this paper, we propose a general...
Edit automata have been introduced by J. Ligatti et al. as a model for security enforcement mechanisms which work at run time. In a distributed interacting system, they play the role of a monitor that runs in parallel with a target program and transforms its execution sequence into a sequence that obeys the security property. In this paper we characterize the security properties which are enforceable by finite edit automata, i.e. edit automata with a finite set of states. We prove that these properties are a sub-class of ∞-regular sets. Moreover, given an ∞-regular set P, one can decide in time O(n²) whether P is enforceable by a finite edit automaton...
Cyber-Physical Systems (CPSs) are exposed to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes of the systems. We define two probabilistic metrics to estimate the physical impact of attacks targeting cyber-physical systems formalised in terms of a probabilistic hybrid extension of Hennessy and Regan's Timed Process Language. Our metrics estimate the impact of attacks taking into account: (i) the severity of the inflicted damage in a given amount of time, and (ii) the probability that these attacks are actually accomplished, according to the dynamics of the system under attack. In doing so, we...