- "Cyber-security modelling and analysis framework" research project: developing a cohesive framework for the specification, formalization and analysis of secure software and hardware architecture
- In progress since December 2020
- Funded by the AID (Defense Innovation Agency)
This research program is led by Raul Mazo Pena, a research professor at ENSTA Bretagne / Lab-STICC (SHARP Department, P4S team):
It is still early days for the "Security by Design" approach and significant R&D efforts will be required for its use to become systematic and widespread. That’s the aim of this groundbreaking project, which is in some ways opening up a whole new engineering discipline by outlining a new vision. To take up this challenge, the project sets out to create a cohesive, overarching theory, with systematic design tools, techniques and methods.
Attacks on digital systems are becoming more common.
Not a single week goes by without another news flash about an attack on a private or public organization's systems. Such cybercrime is on the rise amid increased use of ever more complex software and hardware architectures in which systems are constantly exposed to new vulnerabilities.
"Secure by Design" is a promising, radical approach for tackling the root of the problem: it entails developing systems so that they are secure right from their design.
This development approach is gaining ground in a bid to ensure system security and privacy. But it needs to be ramped up and formalized to go beyond the production of a hodgepodge of security products and techniques that are simply not commensurate with the risks.
In this approach, security is built into the system right from the outset and begins with secure system architecture specifications. System architects and engineers are responsible for the specification and design of systems to ensure suitable coverage of the risks associated with nominal use and with internal and extreme attacks.
Security engineering for these systems requires different levels of abstraction and viewpoints to be expressed in appropriate programming and modeling terms (e.g. the hardware, software and network aspects in the case of cyber-physical systems), following a multi-paradigm modeling approach to security. Once expressed, these viewpoints must then be integrated. This essential step makes joint use of heterogeneous models throughout the development cycle to support analyses that identify threats, vulnerabilities, risks, etc. This overall analysis of the security of software and hardware architecture on the basis of heterogeneous models forms the second part of the main objective of this project.
The multi-paradigm modeling approach to security will be developed as a set of languages enriched by security concepts (such as security requirement, security policy, security target, threat, attack surface, attack, vulnerability, risk, impact, security pattern, etc.), as well as modeling and model federation processes.