Computer networks are exposed to serious security threats that can have catastrophic consequences, from both an economic and a safety point of view, when such networks control critical infrastructures such as industrial plants. Security must therefore be treated as a fundamental issue from the earliest phases of system design, and suitable techniques and tools should be adopted to satisfy the security-related requirements. The focus of this paper is on how formal methods can help in analysing the standard cryptographic protocols used to implement security-critical services, such as authentication and secret key distribution, in critical environments. The analysis of the 802.11 shared key authentication protocol by S3A, a fully automatic software tool based on a formal approach, is illustrated as a case study, which also highlights the peculiarities of analysing protocols based on wireless channels.

Improving the Security of Industrial Networks by means of Formal Verification / CIBRARIO BERTOLOTTI, I; Durante, L; Maggi, P; Sisto, Riccardo; Valenzano, A.. - In: COMPUTER STANDARDS & INTERFACES. - ISSN 0920-5489. - 29:3(2007), pp. 387-397. [10.1016/j.csi.2006.06.002]

Improving the Security of Industrial Networks by means of Formal Verification

CIBRARIO BERTOLOTTI I;DURANTE L;SISTO, Riccardo;VALENZANO A.
2007

Files in this record:

article.pdf (restricted access)
Type: 2a Post-print, publisher's version / Version of Record
License: Not public - Private/restricted access
Size: 239.44 kB
Format: Adobe PDF

1-s2.0-S0920548906000766-main.pdf (restricted access)
Type: 2a Post-print, publisher's version / Version of Record
License: Not public - Private/restricted access
Size: 493.05 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/1435505