Security Certification of Cyber Physical Systems for Critical Infrastructure based on the Compositional MILS Architecture

Hohenegger, Andreas; Krummeck, Gerald; Banos, Janie; Ortega, Alvaro; Hager, Michal; Sterba, Jiri; Kertis, Thomas; Novobilsky, Petr; Prochazka, Jan; Caracuel, Benito; Lourdes Sanz, Ana; Ramos, Francisco; Blasum, Holger; Brotz, Mario; Fuchsen, Rudolf; Fumaroli, Guillaume; Neškudla, Jan; Rollo, Jan; Burgstaller, Lisa; Truskaller, Martina; Koch, Klaus-Michael; Hametner, Reinhard; Rauscher, Sandro; Tummeltshammer, Peter; Golatowski, Frank; Schulz, Thorsten

doi:10.1109/IECON48115.2021.9589691

October 13, 2021 Preprint Open Access

Security Certification of Cyber Physical Systems for Critical Infrastructure based on the Compositional MILS Architecture

Hohenegger, Andreas; Krummeck, Gerald; Banos, Janie; Ortega, Alvaro; Hager, Michal; Sterba, Jiri; Kertis, Thomas; Novobilsky, Petr; Prochazka, Jan; Caracuel, Benito; Lourdes Sanz, Ana; Ramos, Francisco; Blasum, Holger; Brotz, Mario; Fuchsen, Rudolf; Fumaroli, Guillaume; Neškudla, Jan; Rollo, Jan; Burgstaller, Lisa; Truskaller, Martina; Koch, Klaus-Michael; Hametner, Reinhard; Rauscher, Sandro; Tummeltshammer, Peter; Golatowski, Frank; Schulz, Thorsten

We describe compositional architectures and certifications in the research project certMILS. Compositional architectures enable re-use of certified COTS (commercial off-the-shelf) components with a well-defined delegation of responsibilities between component developers and system integrators during cyber physical system design and certification. We show how we used a Common Criteria certified MILS (Multiple Independent Levels of Safety / Security) platform for compositional designs and IEC 62443-4-1/62443-4-2 security evaluations and certifications for composed systems from the domains of smart grid, railway, and subway, that are safety- and security-critical.

Preview

Files (419.6 kB)