Security Weaknesses Detection by Symbolic Analysis of Scenarios

Remotely-communicating software-based systems are tightly present in modern industrial society and securing their complex architecture is recognized as crucial. In particular, the perspectives to reinforce their security by monitoring are promising. However, monitoring schemes still face challenges as the presence of untrusted components seems unavoidable. Specially, since untrusted components may be placed in unsupervised areas, making them ideal targets for attackers. In this work, we propose a framework intended to support designers during systems conception. The approach mainly relies upon Security Watchdogs committed to detect and signal distrustful activity. A model-based framework is introduced to ease attacks descriptions upon scenarios in the form of UML sequence diagrams. The scenarios endowed with predefined attack patterns are analyzed using models transformations and symbolic techniques. By doing so, the effectiveness of watchdogs is confronted against attacks and the results can be used to reinforce the overall security of the system. The applicability of the proposed method is also shown by means of a Smart Grid case study.