A Model for the Analysis of Security Policies in Industrial Networks

The analysis of security policies designed for ICS and SCADA can benefit significantly from the adoption of automatic/semi-automatic software tools that are able to work at a global (system) level. This implies the availability of a suitable model of the system, which is able to combine the abstractions used in the definition of policies with the access control and right management mechanisms usually present in the real system implementation. This paper introduces a modelling framework based on the Role Based Access Control (RBAC) technique that includes all the elements needed to support different kinds of automatic security analyses such as policy coherence checks and verifications of correct implementation of policies.