DOI: 10.1145/3344948.3344994
research-article

Mitigating security threats through the use of security tactics to design secure cyber-physical systems (CPS)

Published: 09 September 2019

Abstract

Cyber-Physical Systems (CPS) attract growing interest from architects and attackers, given their potential effect on the privacy and safety of ecosystems and users. Architectural tactics have been proposed as a design-time abstraction useful to guide and evaluate system design decisions that address specific system qualities, but there is little published evidence of how Security Tactics help to mitigate security threats in the context of Cyber-Physical Systems. This article reports the principled derivation of architectural tactics for an actual SCADA-SAP bridge, where security was the key concern; the key inputs were (1) a well-known taxonomy of architectural tactics, and (2) a detailed record of trade-offs among these tactics. The project architects used client-specified quality attributes to identify relevant tactics in the taxonomy, and information on their trade-offs to guide top-level decisions on the system's global shape. We venture that all architectural tactics taxonomies should be enriched with explicit trade-offs, allowing architects to compare alternative solutions that seem equally good in principle but are not so in practice.

Published In

ECSA '19: Proceedings of the 13th European Conference on Software Architecture - Volume 2
September 2019
286 pages
ISBN: 9781450371421
DOI: 10.1145/3344948
Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

1. STRIDE
2. architectural tactics
3. quality attributes
4. security
5. security threats
6. software architecture
7. trade-offs

Conference

ECSA: European Conference on Software Architecture
September 9 - 13, 2019
Paris, France

Acceptance Rates

ECSA '19 Paper Acceptance Rate: 48 of 72 submissions, 67%
Overall Acceptance Rate: 48 of 72 submissions, 67%
