Industrial Cybersecurity: Improving Security Through Access Control Policy Models

The protection of networked industrial control systems (ICS) against cyber-attacks and malicious behavior is a process that should be taken into account since the very beginning of the system conception. This is true, in particular, for the design and verification of access control policies that build up the core of any protection scheme. The aim of this paper is assessing the general framework and shed some light on the research activities concerning the analysis and verification of access policies in ICS, which are currently being carried out in our laboratory.