S. Adepu and A. Mathur. An investigation into the response of a water treatment system into cyber attacks. In IEEE Symposium on High Assurance Systems Engineering (HASE), 2015.
D. Antonioli, H. R. Ghaeini, S. Adepu, M. Ochoa, and N. O. Tippenhauer. Gamifying education and research on ics security: Design, implementation and results of s3. 2017. Cornell University, ArXiv e-Prints, http://arxiv.org/abs/1702.03067v1.
A. Armando, W. Arsac, T. Avanesov, M. Barletta, A. Calvi, A. Cappai, R. Carbone, Y. Chevalier, L. Compagna, J. Cuellar, G. Erzse, S. Frau, M. Minea, S. Mödersheim, D. von Oheimb, G. Pellegrino, S. E. Ponta, M. Rocchetto, M. Rusinowitch, M. T. Dashti, M. Turuani, and L. Vigano. The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), pages 267-282, 2012.
A. Armando, D. A. Basin, Y. Boichut, Y. Chevalier, L. Compagna, J. Cuellar, P. H. Drielsma, P. Heam, O. Kouchnarenko, J. Mantovani, S. Mödersheim, D. von Oheimb, M. Rusinowitch, J. Santiago, M. Turuani, L. Vigano, and L. Vigneron. The AVISPA tool for the automated validation of internet security protocols and applications. In Proceedings of Computer Aided Verification, (CAV), pages 281-285, 2005.
A. Armando and L. Compagna. SATMC: A SAT-based model checker for security protocols. In JELIA, LNAI 3229. Springer, 2004.
AVANTSSAR. Deliverable 5.3: AVANTSSAR Library of validated problem cases. www.avantssar.eu, 2010.
AVANTSSAR. Deliverable 2.3 (update): ASLan++ specification and tutorial, 2011. Available at http://www.avantssar.eu.
D. Basin, S. Capkun, P. Schaller, and B. Schmidt. Let's get physical: Models and methods for real-world security protocols. In Proceedings of Theorem Proving in Higher Order Logics, 2009.
D. Basin, S. Capkun, P. Schaller, and B. Schmidt. Formal reasoning about physical properties of security protocols. Transactions on Information and System Security (TISSEC), 14(2):16, 2011.
D. Basin, S. Mödersheim, and L. Vigano. OFMC: A symbolic model checker for security protocols. Journal of Information Security, 4(3):181-208, 2005.
M. Bugliesi, S. Calzavara, S. Mödersheim, and P. Modesti. Security protocol specification and verification with AnBx. behaviour, 15:16, 2015.
A. A. Cardenas, S. M. Amin, B. Sinopoli, A. Giani, A. Perrig, and S. S. Sastry. Challenges for securing cyber physical systems. In Workshop on Future Directions in Cyber-physical Systems Security. DHS, July 2009.
A. A. Cardenas, T. Roosta, and S. Sastry. Rethinking security properties, threat models, and the design space in sensor networks: A case study in SCADA systems. Ad Hoc Networks, 7(8):1434-1447, 2009.
D. E. Denning. Activism, hacktivism, and cyberterrorism: The internet as a tool for inuencing foreign policy. In Networks and Netwars: The Future of Terror, Crime, and Militancy. RAND Corporation, 2001.
P. Derler, E. A. Lee, and A. S. Vincentelli. Modeling cyber-physical systems. Proceedings of the IEEE, 100(1):13-28, Jan 2012.
D. Dolev and A. C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198-207, 1983.
A. Doupe, M. Cova, and G. Vigna. Why Johnny Can't Pentest: An Analysis of Black-Box Web Vulnerability Scanners, pages 111-131. Springer Berlin Heidelberg, 2010.
B. Feddersen, K. Keefe, W. H. Sanders, C. Muehrcke, D. Parks, A. Crapo, A. Gabaldon, and R. Palla. An ontological model for constructing mobius advise security models. In Proceedings of Conference on Dependable Systems and Networks (DSN), 2015.
M. D. Ford, K. Keefe, E. LeMay, W. H. Sanders, and C. Muehrcke. Implementing the ADVISE security modeling formalism in möbius. In IEEE/IFIP Conference on Dependable Systems and Networks (DSN), 2013.
B. Galloway and G. Hancke. Introduction to industrial control networks. Communications Surveys Tutorials, IEEE, 15(2):860-880, 2013.
D. Jackson. Software Abstractions: Logic, Language, and Analysis. The MIT Press, 2006.
K. H. John and M. Tiegelkamp. IEC 61131-3: Programming Industrial Automation Systems Concepts and Programming Languages, Requirements for Programming Systems, Decision-Making Aids. Springer, 2nd edition, 2010.
E. Kang, S. Adepu, D. Jackson, and A. P. Mathur. Model-based security analysis of a water treatment system. In Proceedings of the Workshop on Software Engineering for Smart Cyber-Physical Systems, pages 22-28. ACM, 2016.
E. LeMay, M. D. Ford, K. Keefe, W. H. Sanders, and C. Muehrcke. Model-based security metrics using adversary view security evaluation (ADVISE). In Proceedings of Conference on Quantitative Evaluation of Systems, QEST, 2011.
A. Mathur and N. O. Tippenhauer. A water treatment testbed for research and training on ics security. In Proceedings of Workshop on Cyber-Physical Systems for Smart Water Networks (CySWater), Apr. 2016.
A. Ornaghi and M. Valleri. Ettercap. https://ettercap.github.io/ettercap/, last visited August 3 2016.
M. Rocchetto, M. Ochoa, and M. Torabi Dashti. Model-based detection of CSRF. In ICT Systems Security and Privacy Protection, volume 428 of IFIP Advances in Information and Communication Technology. Springer Berlin Heidelberg, 2014.
M. Rocchetto and N. O. Tippenhauer. APE (Attacker Profile Examiner), 2016. Available at http://research.scy-phy.net/ape/.
M. Rocchetto and N. O. Tippenhauer. ASLan++ formal model of SWaT, 2016. Available at https://research.scy-phy.net/swatmodel.
M. Rocchetto and N. O. Tippenhauer. CPDY: Extending the dolev-yao attacker with physical-layer interactions. In Proceedings of the International Conference on Formal Engineering Methods (ICFEM), 2016.
M. Rocchetto and N. O. Tippenhauer. On attacker models and profiles for cyber-physical systems. In Proceedings of the European Simposium on Research in Computer Security (ESORICS), 2016.
P. Schaller, B. Schmidt, D. A. Basin, and S. Capkun. Modeling and verifying physical properties of security protocols for wireless networks. In Computer Security Foundations Symposium (CSF), pages 109-123, 2009.
V. Schiffer, D. Vangompel, and R. Voss. The common industrial protocol (CIP) and the family of CIP networks. ODVA, 2006.
M. Schmidt and H. Lipson. Distilling free-form natural laws from experimental data. science, 324(5923):81-85, 2009.
R. Software. Studio 5000 R. http://www.rockwellautomation.com/rockwellsoftware/products/studio-5000.page, last visited August 3 2016.
D. Steinmetzer, M. Schulz, and M. Hollick. Lockpicking physical layer key exchange: Weak adversary models invite the thief. In Proc. ACM Conference Wireless Security (WiSeC), 2015.
M. Turuani. The CL-Atse Protocol Analyser. In RTA, LNCS 4098, 2006.
D. Urbina, J. Giraldo, N. O. Tippenhauer, and A. Cardenas. Attacking fieldbus communications in ICS: Applications to the SWaT testbed. In Proceedings of Singapore Cyber Security R&D Conference (SG-CRC), Jan. 2016.
R. Vigo. The cyber-physical attacker. In Proceedings of Workshop of Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2012.
D. von Oheimb and S. Mödersheim. ASLan++ | a formal security specification language for distributed systems. In FMCO, LNCS 6957. Springer, 2010.
A. H. Vu, N. O. Tippenhauer, B. Chen, D. M. Nicol, and Z. Kalbarczyk. CyberSAGE: A tool for automatic security assessment of cyber-physical systems. In Proceeding of Quantitative Evaluation of Systems (QEST), pages 384-387, 2014.
S. Weinberger. Computer security: Is this the start of cyberwarfare? Nature, 174:142-145, June 2011.
