Formal Modelling and Analysis of Socio-Technical Systems

Christian W. Probst; Florian Kammüller; René Rydhof Hansen

doi:10.1007/978-3-319-27810-0_3

Formal Modelling and Analysis of Socio-Technical Systems

Christian W. Probst^*, Florian Kammüller, René Rydhof Hansen

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic › peer-review

7 Citations (Scopus)

Abstract

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to socio-technical systems. On the informal side, we show how to steal a birthday cake from a bakery by social engineering.

Original language	English
Title of host publication	Semantics, Logics, and Calculi
Subtitle of host publication	Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays
Editors	Christian W. Probst, Chris Hankin, René Rydhof Hansen
Place of Publication	Berlin
Publisher	Springer
Pages	54-73
Number of pages	20
ISBN (Print)	9783319278094
DOIs	https://doi.org/10.1007/978-3-319-27810-0_3
Publication status	Published - 25 Dec 2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9560
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Keywords

Socio-technical systems
Formal modelling
Analysis

Access to Document

10.1007/978-3-319-27810-0_3

Cite this

Probst, C. W., Kammüller, F., & Rydhof Hansen, R. (2015). Formal Modelling and Analysis of Socio-Technical Systems. In C. W. Probst, C. Hankin, & R. Rydhof Hansen (Eds.), Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays (pp. 54-73). (Lecture Notes in Computer Science; Vol. 9560). Springer. https://doi.org/10.1007/978-3-319-27810-0_3

Probst, Christian W. ; Kammüller, Florian ; Rydhof Hansen, René. / Formal Modelling and Analysis of Socio-Technical Systems. Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. editor / Christian W. Probst ; Chris Hankin ; René Rydhof Hansen. Berlin : Springer, 2015. pp. 54-73 (Lecture Notes in Computer Science).

@inbook{49a879eea25f4e9995df94fd74def527,

title = "Formal Modelling and Analysis of Socio-Technical Systems",

abstract = "Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to socio-technical systems. On the informal side, we show how to steal a birthday cake from a bakery by social engineering.",

keywords = "Socio-technical systems, Formal modelling, Analysis",

author = "Probst, {Christian W.} and Florian Kamm{\"u}ller and {Rydhof Hansen}, Ren{\'e}",

note = "Colloquium held at the Technical University of Denmark on January 8, 2016 ",

year = "2015",

month = dec,

day = "25",

doi = "10.1007/978-3-319-27810-0_3",

language = "English",

isbn = "9783319278094",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "54--73",

editor = "Probst, {Christian W.} and Chris Hankin and {Rydhof Hansen}, Ren{\'e}",

booktitle = "Semantics, Logics, and Calculi",

}

Probst, CW, Kammüller, F & Rydhof Hansen, R 2015, Formal Modelling and Analysis of Socio-Technical Systems. in CW Probst, C Hankin & R Rydhof Hansen (eds), Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. Lecture Notes in Computer Science, vol. 9560, Springer, Berlin, pp. 54-73. https://doi.org/10.1007/978-3-319-27810-0_3

Formal Modelling and Analysis of Socio-Technical Systems. / Probst, Christian W.; Kammüller, Florian; Rydhof Hansen, René.

Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. ed. / Christian W. Probst; Chris Hankin; René Rydhof Hansen. Berlin : Springer, 2015. p. 54-73 (Lecture Notes in Computer Science; Vol. 9560).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic › peer-review

TY - CHAP

T1 - Formal Modelling and Analysis of Socio-Technical Systems

AU - Probst, Christian W.

AU - Kammüller, Florian

AU - Rydhof Hansen, René

N1 - Colloquium held at the Technical University of Denmark on January 8, 2016

PY - 2015/12/25

Y1 - 2015/12/25

N2 - Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to socio-technical systems. On the informal side, we show how to steal a birthday cake from a bakery by social engineering.

AB - Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to socio-technical systems. On the informal side, we show how to steal a birthday cake from a bakery by social engineering.

KW - Socio-technical systems

KW - Formal modelling

KW - Analysis

U2 - 10.1007/978-3-319-27810-0_3

DO - 10.1007/978-3-319-27810-0_3

M3 - Chapter

SN - 9783319278094

T3 - Lecture Notes in Computer Science

SP - 54

EP - 73

BT - Semantics, Logics, and Calculi

A2 - Probst, Christian W.

A2 - Hankin, Chris

A2 - Rydhof Hansen, René

PB - Springer

CY - Berlin

ER -

Probst CW, Kammüller F, Rydhof Hansen R. Formal Modelling and Analysis of Socio-Technical Systems. In Probst CW, Hankin C, Rydhof Hansen R, editors, Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. Berlin: Springer. 2015. p. 54-73. (Lecture Notes in Computer Science). doi: 10.1007/978-3-319-27810-0_3

Formal Modelling and Analysis of Socio-Technical Systems

Abstract

Publication series

Keywords

Access to Document

Fingerprint

Cite this