Group colloquium: Tracing Information Flow Security in Model-Driven Engineering of Cyber-Physical Systems

When: Oct. 11, 2018, 15:45-16:45

Where: Cubicus B209

Who: Christopher Gerking

Cyber-physical systems are developed collaboratively between software engineers and other engineering disciplines. This collaboration has coined the term "systems engineering". Model-driven engineering is widely used to integrate these different disciplines, regarding models as primary development artefacts. Due to the increased attack surface of cyber-physical systems, security has evolved into a key quality factor that needs to be taken into account at an early stage of the engineering process to prevent information leaks "by design". In this talk, I will present my work on the integration of formal methods from the area of "information flow security" into a model-driven engineering approach for cyber-physical systems. The goal is to trace confidentiality and integrity requirements between their specification at the level of systems engineering and their verification at the level of software engineering. In my work, I am facing challenges such as the specification of security policies, the application of formal verification techniques, and the preservation of security on composition of systems. Pre-existing results on these challenges are not easily applicable due to specific characteristics of cyber-physical systems like real-time behavior or message passing communication.
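To make the notion of "information flow security" mentioned above concrete, here is a small added example. It is not code from the talk or from the speaker's tooling; it is an illustration of the classical two-run noninterference test applied to a message-passing component with timestamps, which is the kind of real-time characteristic the abstract says makes off-the-shelf results hard to reuse. The channel names (`secret_cmd`, `sensor`, `actuator`, `audit`), their HIGH/LOW labels, the two toy controllers and the sample traces are all assumptions made for the example.

```python
"""Two-run noninterference check for a timestamped message-passing component.

Added example (not the speaker's method): a component maps a trace of
timestamped input messages to a trace of timestamped output messages.
Channels carry a security label.  The component is noninterferent on a
set of traces if any two inputs that agree on their LOW messages produce
identical LOW-observable outputs, where the observation includes *when*
a message is emitted, so timing channels are caught as well.
"""
from dataclasses import dataclass
from itertools import combinations
from typing import Callable, List, Optional, Tuple

HIGH, LOW = "HIGH", "LOW"

# Assumed channel labelling for the toy controller (hypothetical names).
CHANNEL_LABELS = {
    "secret_cmd": HIGH,  # confidential operator command
    "audit": HIGH,       # confidential internal log
    "sensor": LOW,       # public sensor reading
    "actuator": LOW,     # public actuator command, observable by an attacker
}


@dataclass(frozen=True)
class Msg:
    channel: str
    value: int
    time: int  # discrete time unit at which the message is sent


Trace = Tuple[Msg, ...]
Component = Callable[[Trace], Trace]


def low_view(trace: Trace) -> Trace:
    """What a LOW observer sees: LOW messages including their timing."""
    return tuple(m for m in trace if CHANNEL_LABELS[m.channel] == LOW)


def leaky_controller(inputs: Trace) -> Trace:
    """Doubles each sensor value, but its response latency depends on the
    secret command: the actuator timestamps form a timing channel."""
    secret, out = 0, []
    for m in sorted(inputs, key=lambda m: m.time):
        if m.channel == "secret_cmd":
            secret = m.value
        elif m.channel == "sensor":
            delay = 1 + secret  # latency reveals the secret
            out.append(Msg("actuator", m.value * 2, m.time + delay))
    return tuple(out)


def secure_controller(inputs: Trace) -> Trace:
    """Same public computation with a constant latency; the secret only
    influences a HIGH audit message, which a LOW observer cannot see."""
    secret, out = 0, []
    for m in sorted(inputs, key=lambda m: m.time):
        if m.channel == "secret_cmd":
            secret = m.value
            out.append(Msg("audit", secret, m.time))
        elif m.channel == "sensor":
            out.append(Msg("actuator", m.value * 2, m.time + 2))
    return tuple(out)


def find_interference(component: Component,
                      traces: List[Trace]) -> Optional[Tuple[Trace, Trace]]:
    """Return a pair of LOW-equivalent input traces whose LOW-observable
    outputs differ (a witness of an information leak), or None."""
    for a, b in combinations(traces, 2):
        if low_view(a) == low_view(b) and \
                low_view(component(a)) != low_view(component(b)):
            return a, b
    return None


def is_noninterferent(component: Component, traces: List[Trace]) -> bool:
    return find_interference(component, traces) is None


def sample_traces() -> List[Trace]:
    """Constructed inputs: identical public sensor readings, varying secret."""
    base_low = (Msg("sensor", 5, 1), Msg("sensor", 7, 4))
    return [(Msg("secret_cmd", s, 0),) + base_low for s in (0, 1, 3)]


if __name__ == "__main__":
    for name, comp in (("leaky", leaky_controller), ("secure", secure_controller)):
        witness = find_interference(comp, sample_traces())
        print(name, "noninterferent" if witness is None else f"LEAK: {witness}")
```

The check is only as strong as the set of traces it is run over; a verification tool would quantify over all traces (or a symbolic abstraction of them) rather than a hand-picked sample. The point the example makes is that a real-time component can leak through message timing even when every emitted value is independent of the secret, which is why the observation in `low_view` keeps the `time` field.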