A FUNCTIONAL SPECIFICATION-BASED APPROACH FOR ANALYZING THE CYBER SECURITY OF END-USER INTERFACES WITHIN NPP

抄録

In this work, we are proposing a new approach for analyzing the cyber security of end-user interfaces based on a semi-formal specification of assets. Our starting point is the definition of the architecture of the Instrumentation and Control (I&C) platform that covers the following lifecycle phases: design, operation and maintenance. These different lifecycles will establish the main outline of our Functional Specification (FS). The developed FS defines, through a use case template, the functions involved within each phase of the system lifecycle. We are later exploiting a specific set of properties, which we chose based on their relevance and capability to acquaint us about the corresponding vulnerabilities of each function, that would allow us to finally assess the cybersecurity posture of the system.