{"id":13844682,"url":"https://github.com/sbaresearch/amlsec","last_synced_at":"2025-07-12T00:31:16.703Z","repository":{"id":72533584,"uuid":"238458594","full_name":"sbaresearch/amlsec","owner":"sbaresearch","description":"Automated Security Risk Identification Using AutomationML-based Engineering Data","archived":false,"fork":false,"pushed_at":"2022-07-24T19:23:10.000Z","size":2152,"stargazers_count":28,"open_issues_count":0,"forks_count":9,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-08-05T17:42:53.020Z","etag":null,"topics":["automationml","cyber-physical-systems","industrial-automation","research","risk-assessment","security","semantic-web"],"latest_commit_sha":null,"homepage":"","language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sbaresearch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-02-05T13:37:52.000Z","updated_at":"2023-10-25T05:31:43.000Z","dependencies_parsed_at":null,"dependency_job_id":"353eb2ee-3452-4391-91c2-2a8b9c56561d","html_url":"https://github.com/sbaresearch/amlsec","commit_stats":{"total_commits":13,"total_committers":3,"mean_commits":4.333333333333333,"dds":0.3076923076923077,"last_synced_commit":"580d540976f620c0ec1d25ae64b718f431cbdfd2"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbaresearch%2Famlsec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbaresearch%2Famlsec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbaresearch%2Famlsec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbaresearch%2Famlsec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sbaresearch","download_url":"https://codeload.github.com/sbaresearch/amlsec/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225772727,"owners_count":17521878,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automationml","cyber-physical-systems","industrial-automation","research","risk-assessment","security","semantic-web"],"created_at":"2024-08-04T17:02:51.981Z","updated_at":"2024-11-21T17:30:42.428Z","avatar_url":"https://github.com/sbaresearch.png","language":"Scala","funding_links":[],"categories":["Scala (2)","Scala"],"sub_categories":[],"readme":"# Automated Security Risk Identification in Cyber-Physical Production Systems Using AutomationML-Based Engineering Data\n\n\nThis prototype implements the methods presented in the following two publications:\n\n1. [Eckhart, M., Ekelhart, A., \u0026 Weippl, E. R. (2020). Automated Security Risk Identification Using AutomationML-Based Engineering Data. IEEE Transactions on Dependable and Secure Computing.](https://doi.org/10.1109/TDSC.2020.3033150)\n2. [Eckhart, M., Ekelhart, A., Biffl S., Lüder A., \u0026 Weippl, E. R. (2022). QualSec: An Automated Quality-Driven Approach for Security Risk Identification in Cyber-Physical Production Systems. IEEE Transactions on Industrial Informatics.](https://doi.org/10.1109/tii.2022.3193119)\n\nIn essence, it identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts.\nThe results of the risk identification process can be used to generate cyber-physical attack graphs, which model multistage cyber-attacks that potentially lead to physical damage.\nMoreover, cascading effects and consequences of attacks affecting product quality are identified.\n\n## Installation\n\n1. Build AML2OWL\n\nThis prototype depends on a forked version of the [implementation of the bidirectional translation between AML and OWL](https://github.com/sbaresearch/ETFA2019) for the ETFA 2019 paper [\"Interpreting OWL Complex Classes in AutomationML based on Bidirectional Translation\"](https://arxiv.org/abs/1906.04240) by Hua and Hein.\nClone the [repository](https://github.com/sbaresearch/ETFA2019), compile the projects, and assemble an application bundle of `aml_owl`:\n```\n$ cd aml_models\n$ mvn clean compile install\n$ cd ../aml_io\n$ mvn clean compile install\n$ cd ../aml_owl\n$ mvn clean compile install assembly:single\n```\n\n2. Setup the AMLsec Base Directory\n\nClone this repository, create the application base directory (usually located in the user's home directory), and place the files located in [amlsec-base-dir](https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir) and the assembled AML2OWL JAR (located in `aml_owl/target/`) there.\nThe AMLsec base directory and the path to the AML2OWL JAR must be set in the [configuration file](https://github.com/sbaresearch/amlsec/blob/master/amlsec/src/main/resources/application.conf) using the keys `baseDir` and `amlToOwlProgram`, respectively.\n\n3. Setup Apache Jena Fuseki\n\nInstall and start [Apache Jena Fuseki](https://jena.apache.org/documentation/fuseki2/):\n```\n$ java -jar \u003cpath_to_apache-jena-fuseki-X.Y.Z\u003e/fuseki-server.jar --update\n```\n\n4. Install LoLA 2 (only applies to QualSec)\n\nIf you want to run QualSec, you need to install [LoLA - A Low Level Petri Net Analyzer](https://theo.informatik.uni-rostock.de/theo-forschung/tools/lola/).\n\n5. Build and Run the Application\n\nFinally, build and start the app by using [sbt](https://www.scala-sbt.org/).\n```\n$ sbt \"runMain org.sba_research.worker.Main -q\"\n```\n\nUse the flags `-s` and `-q` to run AMLsec and QualSec, respectively.\n\n## Usage\n\nThe implemented methods utilize a semantic information mapping mechanism realized by means of AML libraries.\nThese [AML security extension libraries](https://github.com/sbaresearch/amlsec/tree/master/aml-libs/amlsec) and [AML quality extension libraries](https://github.com/sbaresearch/amlsec/tree/master/aml-libs/amlqual) can be easily reused in engineering projects by importing them into AML files.\n\nAgain, if you want to execute the prototype of the method presented in the IEEE TDSC paper, use the `-s` flag.\nThe `-q` flag, on the other hand, corresponds to the method presented in the IEEE TII paper.\n\nThe capabilities of this prototype are demonstrated in case studies ([AMLsec](https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir/case-study/CaseStudy_A.aml), [QualSec](https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir/quality-case-study/A/CaseStudy_A.aml)).\nRunning this prototype as is will yield the knowledge base (can be accessed via Fuseki), which also includes the results of the risk identification process, and the results of the case study.\n\nFurthermore, if you run the prototype with the [default case study]((https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir/case-study/CaseStudy_A.aml)) and `-s` flag, the following pruned cyber-physical attack graph will be created:\n\n![Cyber-Physical Attack Graph](https://github.com/sbaresearch/amlsec/blob/master/amlsec-base-dir/pruned_ag.svg?sanitize=true)\n\n### Cluster\n\nThe prototype utilizes the [Akka](https://akka.io/) framework and is able to distribute the risk identification workload among multiple nodes. The [Akka distributed workers sample](https://github.com/akka/akka-samples/tree/2.6/akka-sample-distributed-workers-scala) was used as a template.\n\nTo run the cluster with multiple nodes (examples with `-q` flag):\n\n1. Start Cassandra:\n```\n$ sbt \"runMain org.sba_research.worker.Main cassandra -q\"\n```\n\n2. Start the first seed node:\n```\n$ sbt \"runMain org.sba_research.worker.Main 2551 -q\"\n```\n\n3. Start a front-end node:\n```\n$ sbt \"runMain org.sba_research.worker.Main 3001 -q\"\n```\n\n4. Start a worker node (the second parameter denotes the number of worker actors, e.g., 3):\n```\n$ sbt \"runMain org.sba_research.worker.Main 5001 3 -q\"\n```\n\nIf you run the nodes on separate machines, you will have to adapt the Akka settings in the [configuration file](https://github.com/sbaresearch/amlsec/blob/master/amlsec/src/main/resources/application.conf).\n\n## Performance Assessment\n\nThe measurements and log files obtained during the performance assessment are available upon request.\n\n## How to Cite\n\nIf you use this prototype in your research, please consider citing our [IEEE TDSC 2020](https://doi.org/10.1109/TDSC.2020.3033150) or [IEEE TII 2022](https://doi.org/10.1109/tii.2022.3193119) publication. Feel free to use the papers' BibTeX entries ([TDSC](https://github.com/sbaresearch/amlsec/tree/master/bib/Eckhart2022.bib), [TII](https://github.com/sbaresearch/amlsec/tree/master/bib/Eckhart2022a.bib)).\n\n## Acknowledgment\n\nThe authors would like to thank Yameng An for providing the initial version of [OntoPLC](https://doi.org/10.1109/TII.2020.2997360).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsbaresearch%2Famlsec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsbaresearch%2Famlsec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsbaresearch%2Famlsec/lists"}