
Towards preserving information flow security on architectural composition of cyber-physical systems

Authors: Gerking, C.; Schubert, D.


Cuesta, Carlos E.:
ECSA 2018, 12th European Conference on Software Architecture. Proceedings : Madrid, Spain, September 24-28, 2018
Cham: Springer International Publishing, 2018 (Lecture Notes in Computer Science 11048)
ISBN: 978-3-030-00761-4
ISBN: 978-3-030-00760-7
ISBN: 978-3-030-00762-1
European Conference on Software Architecture (ECSA) <12, 2018, Madrid>
Conference Paper
Fraunhofer IEM

A key challenge of component-based software engineering is to preserve extra-functional properties such as security when composing a software architecture from individual components. Previous work in this area does not consider characteristics specific to cyber-physical systems, such as asynchronous message passing, real-time behavior, or so-called feedback composition with two-way communication. As a result, a composition of individually secure components may yield an insecure architecture with undetected information leaks. In this paper, we address the preservation of information flow security under composition of cyber-physical systems, taking the above characteristics into account. We refine security policies during architectural decomposition and outline a compositional verification approach that checks the security of each individual component against its refined policy. When secure components are composed, our approach preserves security and thereby enables the design of secure software architectures. We give a proof of concept using the component-based software architecture of a cyber-manufacturing system.
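The following is an added illustration, not code from the paper or from Fraunhofer IEM, of the two points the abstract makes: checking each component against the labels it chose for itself can miss a leak that only appears once the components are wired together (including through a feedback connector), while refining the policy down to the ports before the per-component check makes the local checks add up to a global guarantee. Everything in it is a constructed assumption: a two-level lattice, components with labelled ports and declared internal flows, a controller/machine/monitor cell with a feedback loop, and the names of all components and ports. The paper's own formalism, with asynchronous messaging and real-time behavior, is not reproduced here.

```python
"""Constructed illustration of compositional information flow checking over a
component architecture with feedback. Not the paper's formalism: a two-point
lattice, port labels and declared internal flows stand in for its refined
security policies and verification. All names and the cell layout are made up."""
from dataclasses import dataclass

LOW, HIGH = 0, 1   # two-point lattice: LOW may flow to HIGH, never the reverse


@dataclass
class Component:
    name: str
    inputs: dict   # input port -> level the component assumes it receives
    outputs: dict  # output port -> level the component promises to emit at
    flows: set     # (input port, output port): data may pass this way inside

    def local_violations(self, inputs=None):
        """Internal flows carrying a higher level into a lower-labelled output."""
        inputs = self.inputs if inputs is None else inputs
        return {(i, o) for i, o in self.flows if inputs[i] > self.outputs[o]}


@dataclass
class Architecture:
    components: dict  # name -> Component
    connectors: list  # ((src comp, src port), (dst comp, dst port)); cycles allowed

    def refine_inputs(self):
        """Policy refinement: raise each input port to the join of the output
        levels wired into it, iterated to a fixpoint. The join is monotone on a
        finite lattice, so the loop terminates even across feedback cycles."""
        refined = {n: dict(c.inputs) for n, c in self.components.items()}
        changed = True
        while changed:
            changed = False
            for (sc, sp), (dc, dp) in self.connectors:
                lvl = max(refined[dc][dp], self.components[sc].outputs[sp])
                if lvl != refined[dc][dp]:
                    refined[dc][dp], changed = lvl, True
        return refined

    def compositional_check(self, refine=True):
        """Check every component in isolation, either against its own labels
        (naive) or against the refined input labels. Under refinement every
        connector satisfies out-level <= in-level by construction, so if no
        component violates its flows, levels never decrease along any path."""
        inputs = (self.refine_inputs() if refine
                  else {n: c.inputs for n, c in self.components.items()})
        return {(n, f) for n, c in self.components.items()
                for f in c.local_violations(inputs[n])}

    def global_leaks(self):
        """Monolithic reference check on the flattened architecture: LOW-labelled
        output ports reachable from HIGH-labelled input ports via flows and connectors."""
        edges = {}
        for n, c in self.components.items():
            for i, o in c.flows:
                edges.setdefault((n, "in", i), set()).add((n, "out", o))
        for (sc, sp), (dc, dp) in self.connectors:
            edges.setdefault((sc, "out", sp), set()).add((dc, "in", dp))
        stack = [(n, "in", p) for n, c in self.components.items()
                 for p, lvl in c.inputs.items() if lvl == HIGH]
        seen = set()
        while stack:
            node = stack.pop()
            if node not in seen:
                seen.add(node)
                stack.extend(edges.get(node, ()))
        return {(n, p) for n, kind, p in seen
                if kind == "out" and self.components[n].outputs[p] == LOW}


def manufacturing_cell(monitor_isolates_heartbeat):
    """Hypothetical cell: Controller -> Machine -> Monitor, Monitor feeding back to
    Controller. The recipe is HIGH; the externally visible status report is LOW."""
    controller = Component("Controller", inputs={"recipe": HIGH, "fb": LOW},
                           outputs={"cmd": HIGH}, flows={("recipe", "cmd"), ("fb", "cmd")})
    if monitor_isolates_heartbeat:
        machine = Component("Machine", inputs={"cmd": LOW},
                            outputs={"status": HIGH, "heartbeat": LOW},
                            flows={("cmd", "status")})   # heartbeat is a timer, not cmd-derived
        monitor = Component("Monitor", inputs={"status_in": HIGH, "hb_in": LOW},
                            outputs={"status_out": LOW, "alarm": HIGH},
                            flows={("hb_in", "status_out"), ("status_in", "alarm")})
        connectors = [(("Controller", "cmd"), ("Machine", "cmd")),
                      (("Machine", "status"), ("Monitor", "status_in")),
                      (("Machine", "heartbeat"), ("Monitor", "hb_in")),
                      (("Monitor", "alarm"), ("Controller", "fb"))]       # feedback
    else:
        machine = Component("Machine", inputs={"cmd": LOW}, outputs={"status": LOW},
                            flows={("cmd", "status")})   # machine labels everything LOW
        monitor = Component("Monitor", inputs={"status_in": LOW}, outputs={"status_out": LOW},
                            flows={("status_in", "status_out")})
        connectors = [(("Controller", "cmd"), ("Machine", "cmd")),
                      (("Machine", "status"), ("Monitor", "status_in")),
                      (("Monitor", "status_out"), ("Controller", "fb"))]  # feedback
    return Architecture({c.name: c for c in (controller, machine, monitor)}, connectors)


if __name__ == "__main__":
    leaky = manufacturing_cell(False)
    print("naive per-component check:", leaky.compositional_check(refine=False))
    print("check against refined policy:", leaky.compositional_check())
    print("flattened reference check:", leaky.global_leaks())
    print("isolated heartbeat design:", manufacturing_cell(True).compositional_check())
```

In the leaky variant every component passes when checked against its own labels, yet the flattened check finds the HIGH recipe reaching the LOW status report; refining the policy first raises Machine's `cmd` input to HIGH and the same per-component check now reports the offending flow inside Machine. In the redesigned variant the report is derived only from a LOW heartbeat, and the feedback connector carrying the HIGH alarm back into the controller is handled by the fixpoint iteration rather than breaking the check.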