Techniques For Developing Secure-by-design Industrial Control Software
Industrial Control Systems (ICS) have significantly changed how we operate manufacturing plants, transportation systems, and facility management and monitoring systems. Reliance on modern ICS has greatly improved human lives, with the strong caveat that their failure can sabotage and set back our technological progress. As a result, security has become a key concern for ICS, which run highly distributed software applications deployed on resource-constrained devices. The complex requirements of highly distributed and heterogeneous ICS make them challenging to design and manage. The current literature shows that most state-of-the-art approaches deal with validation and verification of security requirements in ICS but lack meaningful traceability across the ICS system development life-cycle. Security standards provide a consolidated set of security requirements that have been rigorously validated by practitioners and academia. A product certified against an ICS security standard is assured to have met those security requirements and to have been subjected to rigorous testing. A common approach to requirements traceability through design and implementation can improve a product's time-to-market, since vendors and certifiers then validate and verify the same system. However, the lack of design guidelines for certifying ICS software prevents stakeholders from following a standard process in ICS certification. IEC 61499 is an emerging standard for developing distributed ICS applications. IEC 61499 can also be used for ICS security components, with automated security requirements mapping techniques linking security standard requirements to the ICS design. However, current secure-by-design approaches for ICS are not fully aligned with security requirements engineering and security standards.
This research aims to fill the current gaps in integrating ICS security requirements engineering, a secure-by-design model and security implementation approaches, so as to provide end-to-end traceability. The significant contributions of this research include a novel "Secure Links" technique for developing secure-by-design IEC 61499 ICS applications in a uniform, consistent, maintainable, traceable and reusable manner. Another notable contribution is a novel model of a security requirements repository that stores labelled property graphs of cybersecurity requirements specifications and IEC 62443-4-2 security requirements in multiple partitions, emphasising the structure of and relationships between requirements. At the same time, this research contributes to fulfilling security goals such as confidentiality, availability and integrity in IEC 61499 ICS applications. The integration of the contributed artefacts, namely secure links and the security requirements repository, forms a comprehensive solution for end-to-end traceability of security standard requirements in producing certified ICS software. Experimental results show that secure links significantly reduce design and code complexity while also improving application maintainability and requirements traceability. This research also demonstrates the construction of a requirements traceability matrix, which emerges as a natural consequence of using a labelled property graph repository.
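The following is an added illustration of the idea in the last sentences of the abstract, not code from the thesis itself: a minimal labelled property graph repository with three partitions (standard requirements, cybersecurity requirement specifications, IEC 61499 function blocks) from which a requirements traceability matrix is derived by walking the edges. The partition names, edge labels (REFINED_BY, SECURE_LINK), requirement identifiers and function block names are all constructed for the example and are not clauses of IEC 62443-4-2 or artefacts of the thesis.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Node:
    """Vertex of the labelled property graph. `label` names the partition the
    node lives in; `props` holds key/value properties such as a title."""
    id: str
    label: str            # "StandardReq" | "CSRS" | "FunctionBlock" (assumed)
    props: tuple = ()     # (("title", "..."),); a tuple keeps the node hashable


@dataclass(frozen=True)
class Edge:
    src: str
    dst: str
    label: str            # "REFINED_BY" | "SECURE_LINK" (assumed labels)


class RequirementsRepository:
    """Minimal in-memory labelled property graph (assumed structure)."""

    def __init__(self):
        self.nodes = {}
        self._out = defaultdict(list)   # src id -> [Edge]
        self._in = defaultdict(list)    # dst id -> [Edge]

    def add_node(self, node):
        self.nodes[node.id] = node

    def add_edge(self, edge):
        # Reject edges to unknown nodes so every trace link is well-formed.
        if edge.src not in self.nodes or edge.dst not in self.nodes:
            raise KeyError(f"dangling edge {edge.src} -> {edge.dst}")
        self._out[edge.src].append(edge)
        self._in[edge.dst].append(edge)

    def ids_with_label(self, label):
        return sorted(n.id for n in self.nodes.values() if n.label == label)

    def successors(self, node_id, label):
        return [e.dst for e in self._out[node_id] if e.label == label]

    def predecessors(self, node_id, label):
        return [e.src for e in self._in[node_id] if e.label == label]


def traceability_matrix(repo):
    """Rows: standard requirements; columns: function blocks. A cell is True when
    a path StandardReq -REFINED_BY-> CSRS -SECURE_LINK-> FunctionBlock exists."""
    blocks = repo.ids_with_label("FunctionBlock")
    matrix = {}
    for req in repo.ids_with_label("StandardReq"):
        covered = set()
        for csrs in repo.successors(req, "REFINED_BY"):
            covered.update(repo.successors(csrs, "SECURE_LINK"))
        matrix[req] = {fb: fb in covered for fb in blocks}
    return matrix


def untraced_requirements(repo):
    """Standard requirements with no implementing function block: the gap a
    certifier would flag before any testing starts."""
    return [req for req, row in traceability_matrix(repo).items()
            if not any(row.values())]


def requirements_for_block(repo, block_id):
    """Reverse trace: which standard requirements are affected if this block changes?"""
    reqs = set()
    for csrs in repo.predecessors(block_id, "SECURE_LINK"):
        reqs.update(repo.predecessors(csrs, "REFINED_BY"))
    return sorted(reqs)


def build_sample_repository():
    """Constructed sample data; the identifiers are placeholders."""
    repo = RequirementsRepository()
    for node in [
        Node("STD-1", "StandardReq", (("title", "communication integrity"),)),
        Node("STD-2", "StandardReq", (("title", "information confidentiality"),)),
        Node("STD-3", "StandardReq", (("title", "denial of service protection"),)),
        Node("CSRS-1", "CSRS", (("title", "sign telemetry frames"),)),
        Node("CSRS-2", "CSRS", (("title", "encrypt setpoint writes"),)),
        Node("CSRS-3", "CSRS", (("title", "rate-limit inbound requests"),)),
        Node("FB_Sign", "FunctionBlock", (("kind", "service interface FB"),)),
        Node("FB_Encrypt", "FunctionBlock", (("kind", "service interface FB"),)),
    ]:
        repo.add_node(node)
    for edge in [
        Edge("STD-1", "CSRS-1", "REFINED_BY"),
        Edge("STD-2", "CSRS-2", "REFINED_BY"),
        Edge("STD-3", "CSRS-3", "REFINED_BY"),
        Edge("CSRS-1", "FB_Sign", "SECURE_LINK"),
        Edge("CSRS-2", "FB_Encrypt", "SECURE_LINK"),
        # CSRS-3 deliberately has no secure link, leaving STD-3 untraced.
    ]:
        repo.add_edge(edge)
    return repo


if __name__ == "__main__":
    repo = build_sample_repository()
    for req, row in traceability_matrix(repo).items():
        print(req, " ".join("x" if hit else "-" for hit in row.values()))
    print("untraced:", untraced_requirements(repo))
```

The matrix is not stored anywhere; it is recomputed from the graph on demand, so it cannot drift from the links the designer actually drew, and the reverse query gives the impact analysis a certifier needs when a function block is modified after certification.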