U.S. Department of Energy
Office of Scientific and Technical Information

Formally Verified ZTA Requirements for OT/ICS Environments with Isabelle/HOL

Conference

The clean energy transformation includes the integration of distributed energy resources with the power grid, which has substantially increased the complexity of power grid infrastructure and its underlying operational technology (OT) environment. Power grid infrastructure is now an OT system of systems that integrates heterogeneous devices, each both software- and hardware-intensive; as a result, there is growing demand to exploit advances in commodity software and hardware infrastructure to improve energy system requirements such as cybersecurity and resilience. In such a setting, system requirements at different levels intermix, which leads to vulnerabilities and undesirable outcomes. Using formal methods to characterize and prove system requirements removes ambiguity, increases automation, and provides high levels of assurance and reliability. In this paper, we contribute a methodology and a framework for the system-level verification of zero trust architecture (ZTA) requirements in OT environments. We define a formal specification for the core functionalities of OT environments, the corresponding invariants, and security proofs. Of particular note is our modular approach to the formal verification of asynchronous interactions in OT environments. The formal specification and the proofs have been mechanized in the interactive theorem proving environment Isabelle/HOL.
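The abstract describes the shape of the work (a formal specification of OT behaviour, invariants over it, and mechanized security proofs) without reproducing any of the paper's theories. The toy theory below is an added illustration of that style in Isabelle/HOL; it is not the paper's specification and every name in it (the types `principal` and `asset`, the record `state`, the abstract `policy`, the transition function `step`, the trace function `run`, the invariant `zta_inv`) is constructed for this example. It captures one zero-trust requirement: a session on an OT asset can exist only for a principal that is currently authenticated and has been authorized for that asset under the policy, and revoking a principal tears down its authorizations and sessions. The invariant is proved to hold initially, to be preserved by every event, and hence to hold along any trace. The policy is left abstract on purpose, so the proof shows the invariant is independent of how the policy is decided. The paper's modular treatment of asynchronous interactions is not modelled here; this is a single sequential trace.

```isabelle
theory ZTA_OT_Toy
  imports Main
begin

(* Constructed toy model for illustration only; not the paper's specification. *)

typedecl principal   (* users, services, or devices requesting access *)
typedecl asset       (* OT assets: PLCs, RTUs, historians, ... *)

(* The access policy is left abstract: the proofs below do not depend on it. *)
consts policy :: "principal ⇒ asset ⇒ bool"

record state =
  authenticated :: "principal set"
  authorized    :: "(principal × asset) set"
  sessions      :: "(principal × asset) set"

datatype event =
  Authn principal            (* principal presents valid credentials *)
| Authz principal asset      (* per-request policy decision *)
| OpenSession principal asset
| Revoke principal           (* credential revocation or de-provisioning *)

definition init :: state where
  "init = ⦇ authenticated = {}, authorized = {}, sessions = {} ⦈"

(* Transition relation as a function: events that violate the zero-trust
   preconditions are no-ops rather than errors. *)
fun step :: "state ⇒ event ⇒ state" where
  "step s (Authn p) = s⦇ authenticated := insert p (authenticated s) ⦈"
| "step s (Authz p a) =
     (if p ∈ authenticated s ∧ policy p a
      then s⦇ authorized := insert (p, a) (authorized s) ⦈ else s)"
| "step s (OpenSession p a) =
     (if (p, a) ∈ authorized s
      then s⦇ sessions := insert (p, a) (sessions s) ⦈ else s)"
| "step s (Revoke p) =
     s⦇ authenticated := authenticated s - {p},
        authorized    := {pa ∈ authorized s. fst pa ≠ p},
        sessions      := {pa ∈ sessions s. fst pa ≠ p} ⦈"

fun run :: "state ⇒ event list ⇒ state" where
  "run s [] = s"
| "run s (e # es) = run (step s e) es"

(* Zero-trust invariant: every live session is backed by a current
   authorization, and every authorization is backed by a currently
   authenticated principal and a positive policy decision. *)
definition zta_inv :: "state ⇒ bool" where
  "zta_inv s ⟷ sessions s ⊆ authorized s ∧
               (∀pa ∈ authorized s.
                  fst pa ∈ authenticated s ∧ policy (fst pa) (snd pa))"

lemma inv_init: "zta_inv init"
  by (simp add: zta_inv_def init_def)

(* Inductive step: each event preserves the invariant. *)
lemma inv_step: "zta_inv s ⟹ zta_inv (step s e)"
  by (cases e) (auto simp: zta_inv_def split: if_splits)

theorem inv_run: "zta_inv s ⟹ zta_inv (run s es)"
proof (induction es arbitrary: s)
  case Nil
  then show ?case by simp
next
  case (Cons e es)
  then show ?case by (simp add: inv_step)
qed

(* The security property a reviewer actually cares about, read off the
   invariant: no trace from the initial state yields a session that is
   not authenticated and policy-approved. *)
corollary sessions_are_authorized:
  assumes "(p, a) ∈ sessions (run init es)"
  shows   "p ∈ authenticated (run init es) ∧ policy p a"
  using inv_run[OF inv_init] assms unfolding zta_inv_def by fastforce

end
```

The pattern is the standard one for this kind of system-level argument: state the requirement as a predicate on states, prove it for the initial state, prove it is preserved by each event with a case split, and lift it to arbitrary traces by list induction. Everything the abstract adds on top of this (the actual OT functionalities, asynchronous interaction between components, and the modular decomposition of those proofs) is the paper's contribution and is not shown here.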

Research Organization:
National Renewable Energy Laboratory (NREL), Golden, CO (United States)
Sponsoring Organization:
USDOE National Renewable Energy Laboratory (NREL), Laboratory Directed Research and Development (LDRD) Program
DOE Contract Number:
AC36-08GO28308
OSTI ID:
2437676
Report Number(s):
NREL/CP-5R00-91015; MainId:92793; UUID:12b5c460-22eb-45af-b3d4-f0c572c22a3a; MainAdminId:73446
Country of Publication:
United States
Language:
English
