Security of industrial networks (INS)

Concerning the security of industrial networked systems (INS) to check the correct implementation of access control policies, a twofold model for analysing the access control policies for industrial networked systems was presented. The model consists of a high level Specification and a low level Implementation part. The Implementation part of the model represents the real system implementation and deals with the details of the physical system, its access and traffic control mechanism. Implementation consists of two parts. The first part is called data model which is static description of the system, e.g., network topology and devices, hosts and their configurations and physical location of the devices. The second part is designed by means of inference rules that allow to compute all possible actions of the players and players' (initial) state. In this work, a partial Implementation data model through Flex and Bison applications was parsed, and suitable data structures for our data model were designed. Finally, some steps toward testing procedure were done.