Amlsec - Automated Security Risk Identification Using AutomationML-based Engineering Data
2020-11-23 05:30:00 Author: www.blogger.com(查看原文) 阅读量:172 收藏

tag:blogger.com,1999:blog-8317222231133660547.post-1320076559308579102020-11-22T17:30:00.003-03:002020-11-22T17:30:01.112-03:00Amlsec - Automated Security Risk Identification Using AutomationML-based Engineering Data<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-dM0L7h92n28/X7db50yY5xI/AAAAAAAAUcA/Wz_pB0phNCwmNkJw96WJPBlH4VC79zJhQCNcBGAsYHQ/s1913/amlsec.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="687" data-original-width="1913" height="230" src="https://1.bp.blogspot.com/-dM0L7h92n28/X7db50yY5xI/AAAAAAAAUcA/Wz_pB0phNCwmNkJw96WJPBlH4VC79zJhQCNcBGAsYHQ/w640-h230/amlsec.png" width="640" /></a></div><p><br /></p> <p>This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts. The results of the risk identification process can be used to generate cyber-physical attack graphs, which model multistage <a href="https://www.kitploit.com/search/label/Cyber%20Attacks" target="_blank" title="cyber attacks">cyber attacks</a> that potentially lead to physical damage.</p><span><a name='more'></a></span><div><br /></div><span style="font-size: large;"><b>Installation</b></span><br /> <ol> <li>Build AML2OWL</li> </ol> <p>This prototype depends on a forked version of the <a href="https://github.com/sbaresearch/ETFA2019" rel="nofollow" target="_blank" title="implementation of the bidirectional translation between AML and OWL">implementation of the bidirectional translation between AML and OWL</a> for the ETFA 2019 paper <a href="https://arxiv.org/abs/1906.04240" rel="nofollow" target="_blank" title="Interpreting OWL Complex Classes in AutomationML based on Bidirectional Translation">"Interpreting OWL Complex Classes in AutomationML based on Bidirectional Translation"</a> by Hua and Hein. Clone the <a href="https://github.com/sbaresearch/ETFA2019" rel="nofollow" target="_blank" title="repository">repository</a>, compile the projects, and assemble an application bundle of <code>aml_owl</code>:</p> <pre><code>$ cd aml_models<br />$ mvn clean compile install<br />$ cd ../aml_io<br />$ mvn clean compile install<br />$ cd ../aml_owl<br />$ mvn clean compile install assembly:single<br /></code></pre> <ol start="2"> <li>Setup the AMLsec Base Directory</li> </ol> <p>Clone this repository, create the application base directory (usually located in the user's home directory), and place the files located in <a href="https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir" rel="nofollow" target="_blank" title="amlsec-base-dir">amlsec-base-dir</a> and the assembled AML2OWL JAR (located in <code>aml_owl/target/</code>) there. The AMLsec base directory and the path to the AML2OWL JAR must be set in the <a href="https://github.com/sbaresearch/amlsec/blob/master/amlsec/src/main/resources/application.conf" rel="nofollow" target="_blank" title="configuration file">configuration file</a> using the keys <code>baseDir</code> and <code>amlToOwlProgram</code>, respectively.</p> <ol start="3"> <li>Setup <a href="https://www.kitploit.com/search/label/Apache" target="_blank" title="Apache">Apache</a> Jena Fuseki</li> </ol> <p>Install and start <a href="https://jena.apache.org/documentation/fuseki2/" rel="nofollow" target="_blank" title="Apache Jena Fuseki">Apache Jena Fuseki</a>:</p> <pre><code>$ java -jar &lt;path_to_apache-jena-fuseki-X.Y.Z&gt;/fuseki-server.jar --update<br /></code></pre> <ol start="4"> <li>Build AMLsec</li> </ol> <p>Finally, build and start the app by using <a href="https://www.scala-sbt.org/" rel="nofollow" target="_blank" title="sbt">sbt</a>.</p> <pre><code>$ sbt "runMain org.sba_research.worker.Main"<br /></code></pre> <br /><span style="font-size: large;"><b>Usage</b></span><br /> <p>The implemented method utilizes a semantic information mapping mechanism realized by means of AML libraries. These <a href="https://github.com/sbaresearch/amlsec/tree/master/amlsec-libs" rel="nofollow" target="_blank" title="AML security extension libraries">AML security extension libraries</a> can be easily reused in engineering projects by importing them into AML files.</p> <p>The capabilities of this prototype are demonstrated in a <a href="https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir/case-study/CaseStudy_A.aml" rel="nofollow" target="_blank" title="case study">case study</a>. Running this prototype as is will yield the knowledge base (can be accessed via Fuseki), which also includes the results of the risk identification process, and the following pruned cyber-physical attack graph:</p> <p><br /></p><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-P2ZD8rCAuqM/X7dbpQCMRRI/AAAAAAAAUb4/qhGnavVOpbE20tSd2lKbFXd8Q03pIElGgCNcBGAsYHQ/s1913/amlsec.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="687" data-original-width="1913" height="230" src="https://1.bp.blogspot.com/-P2ZD8rCAuqM/X7dbpQCMRRI/AAAAAAAAUb4/qhGnavVOpbE20tSd2lKbFXd8Q03pIElGgCNcBGAsYHQ/w640-h230/amlsec.png" width="640" /></a></div><p><br /></p><b>Cluster</b><br /> <p>The prototype utilizes the <a href="https://akka.io/" rel="nofollow" target="_blank" title="Akka">Akka</a> framework and is able to distribute the risk identification workload among multiple nodes. The <a href="https://github.com/akka/akka-samples/tree/2.6/akka-sample-distributed-workers-scala" rel="nofollow" target="_blank" title="Akka">Akka </a><a href="https://www.kitploit.com/search/label/Distributed" target="_blank" title="distributed">distributed</a> workers sample was used as a template.</p> <p>To run the cluster with multiple nodes:</p> <ol> <li>Start Cassandra:</li> </ol> <pre><code>$ sbt "runMain org.sba_research.worker.Main cassandra"<br /></code></pre> <ol start="2"> <li>Start the first seed node:</li> </ol> <pre><code>$ sbt "runMain org.sba_research.worker.Main 2551"<br /></code></pre> <ol start="3"> <li>Start a front-end node:</li> </ol> <pre><code>$ sbt "runMain org.sba_research.worker.Main 3001"<br /></code></pre> <ol start="4"> <li>Start a worker node (the second parameter denotes the number of worker actors, e.g., 3):</li> </ol> <pre><code>$ sbt "runMain org.sba_research.worker.Main 5001 3"<br /></code></pre> <p>If you run the nodes on separate machines, you will have to <a href="https://www.kitploit.com/search/label/ADAPT" target="_blank" title="adapt">adapt</a> the Akka settings in the <a href="https://github.com/sbaresearch/amlsec/blob/master/amlsec/src/main/resources/application.conf" rel="nofollow" target="_blank" title="configuration file">configuration file</a>.</p> <br /><span style="font-size: large;"><b>Performance Assessment</b></span><br /> <p>The measurements and log files obtained during the <a href="https://www.kitploit.com/search/label/Performance" target="_blank" title="performance">performance</a> assessment are available upon request.</p> <br /><br /><div style="text-align: center;"><b><span style="font-size: x-large;"><a class="kiploit-download" href="https://github.com/sbaresearch/amlsec" rel="nofollow" target="_blank" title="Download Amlsec">Download Amlsec</a></span></b></div>Zion3R[email protected]

文章来源: http://www.blogger.com/feeds/8317222231133660547/posts/default/132007655930857910
如有侵权请联系:admin#unsafe.sh