Threat Repair with Optimization Modulo Theories

Thorsten Tarrach; Masoud Ebrahimi; Sandra König; Christoph Schmittner; Roderick Bloem; Dejan Nickovic

Threat Repair with Optimization Modulo Theories

Thorsten Tarrach, Masoud Ebrahimi, Sandra König, Christoph Schmittner, Roderick Bloem, Dejan Nickovic

Publikation: Arbeitspapier › Preprint

Abstract

We propose a model-based procedure for automatically preventing security threats using formal models. We encode system models and potential threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. Whenever threat prevention fails, we automatically explain why the threat happens. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains, including an industrial-strength example.

Originalsprache	englisch
Publikationsstatus	Veröffentlicht - 6 Okt. 2022

Zugriff auf Dokument

2210.03207v1

TRUSTED - VerTRaUen, Sicherheit & AuTonomie im FahrzEug Der Zukunft
Bloem, R.
1/11/19 → 31/10/22
Projekt: Forschungsprojekt

Dieses zitieren

@techreport{d859bf99f23b45689c5e7c4e5561bfad,

title = "Threat Repair with Optimization Modulo Theories",

abstract = " We propose a model-based procedure for automatically preventing security threats using formal models. We encode system models and potential threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. Whenever threat prevention fails, we automatically explain why the threat happens. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains, including an industrial-strength example. ",

keywords = "cs.CR, cs.FL, cs.LO",

author = "Thorsten Tarrach and Masoud Ebrahimi and Sandra K{\"o}nig and Christoph Schmittner and Roderick Bloem and Dejan Nickovic",

year = "2022",

month = oct,

day = "6",

language = "English",

type = "WorkingPaper",

}

TY - UNPB

T1 - Threat Repair with Optimization Modulo Theories

AU - Tarrach, Thorsten

AU - Ebrahimi, Masoud

AU - König, Sandra

AU - Schmittner, Christoph

AU - Bloem, Roderick

AU - Nickovic, Dejan

PY - 2022/10/6

Y1 - 2022/10/6

N2 - We propose a model-based procedure for automatically preventing security threats using formal models. We encode system models and potential threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. Whenever threat prevention fails, we automatically explain why the threat happens. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains, including an industrial-strength example.

AB - We propose a model-based procedure for automatically preventing security threats using formal models. We encode system models and potential threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. Whenever threat prevention fails, we automatically explain why the threat happens. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains, including an industrial-strength example.

KW - cs.CR

KW - cs.FL

KW - cs.LO

M3 - Preprint

BT - Threat Repair with Optimization Modulo Theories

ER -

Threat Repair with Optimization Modulo Theories

Abstract

Zugriff auf Dokument

Fingerprint

Projekte

TRUSTED - VerTRaUen, Sicherheit & AuTonomie im FahrzEug Der Zukunft

Dieses zitieren