Copyright Notice:
The publication copies distributed in this site are
provided to ensure timely dissemination of scholarly and technical
work. Copyright and all rights therein are retained by authors or by
other copyright holders (as explicitly indicated). All persons copying
this information are expected to adhere
to the terms and constraints invoked by each copyright. In
most cases, these works may not be reposted without the explicit
permission of the copyright holder.
Ivan Cibrario Bertolotti, Luca Durante, Paolo Maggi, Riccardo Sisto, Adriano Valenzano,
Improving the security of industrial networks by means of formal verification,
Comput. Stand. Interfaces, Vol. 29, No. 3 (March 2007), Elsevier, pp. 387-397.
©2007 Elsevier
doi: 10.1016/j.csi.2006.06.002
Abstract
Computer networks are exposed to serious security threats that can even have catastrophic consequences, from the points
of view of both economy and safety, if such networks control critical infrastructures such as industrial plants. Security
must then be considered a fundamental issue starting from the earliest phases of the design of a system, and suitable techniques
and tools should be adopted to satisfy the security-related requirements. The focus of this paper is on how formal methods
can help in analysing the standard cryptographic protocols used to implement security-critical services such as authentication
and secret key distribution in critical environments. The analysis of the 802.11 shared key authentication protocol by S3A,
a fully automatic software tool that is based on a formal approach, is illustrated as a case study, which also highlights
the peculiarities of analysing protocols based on wireless channels.