Formally Verifying Flow Properties in Industrial Systems

Abstract : In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity. We apply our framework to two well-known industrial protocols: OPC-UA and MODBUS. Using TAMARIN, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify a weakness in a supposedly secure version of MODBUS.
Complete list of metadatas

Cited literature [28 references]  Display  Hide  Download
Contributor : Maxime Puys <>
Submitted on : Friday, May 26, 2017 - 10:39:14 AM
Last modification on : Wednesday, April 3, 2019 - 1:23:15 AM
Long-term archiving on : Monday, August 28, 2017 - 4:22:03 PM


Files produced by the author(s)



Jannik Dreier, Maxime Puys, Marie-Laure Potet, Pascal Lafourcade, Jean-Louis Roch. Formally Verifying Flow Properties in Industrial Systems. SECRYPT 2017 - 14th International Conference on Security and Cryptography, Jul 2017, Madrid, Spain. pp.55-66, ⟨10.5220/0006396500550066⟩. ⟨hal-01527913⟩



Record views


Files downloads