Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to automatically identify security risks based on AutomationML engineering data". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to automatically identify security risks based on AutomationML engineering data".

AMLsec

AMLsec is an automated security risk identification tool based on AutomationML engineering data. This product prototype can identify security risk sources such as network threats or security vulnerabilities and related types of network intrusion consequences. The results of the risk identification process can be used to generate a network physical attack graph, which will help researchers simulate multi-level network attacks that may cause physical damage caused by security threats.

Tool installation

First of all, researchers need to clone the source code of the project locally using the following command:

Git clone https://github.com/sbaresearch/amlsec.git

Next, we also need to build the AML2OWL. This prototype is based on the implementation of two-way translation data between AML and OWL. For more information, please refer to a report by ETFA 2019 entitled "interpretation of OWL complex classes in AutomationML based on two-way Translation". After cloning the project source code locally, we need to compile the project and compile the aml_owl application package as follows:

$cd aml_models$ mvn clean compile install$ cd. / aml_io$ mvn clean compile install$ cd. / aml_owl$ mvn clean compile install assembly:single

After compiling AML2OWL, we also need to configure the AMLsec base directory. After cloning the project source code locally, an application base directory will be created, depending on the path you choose. We need to store the project file and the compiled AML2OWL Jar file (located in aml_owl/target/) in amlsec-base-dir. The AMLsec base directory and the path to the AML2OWL Jar file must be set using the baseDir and amlToOwlProgram parameters in the project configuration file.

Then, we also need to configure Apache Jena Fuseki. We can install and start Apache Jena Fuseki using the following command:

$java-jar / fuseki-server.jar-- update

Finally, we need to build AMLsec. Here you can use sbt to build and start the application:

$sbt "runMain org.sba_research.worker.Main" tool use

The implementation of the tool uses a semantic information mapping mechanism implemented through the AML library. By importing these AML security extension libraries into an AML file, you can easily reuse them in an engineering project.

We demonstrate the functionality of the prototype in the following case study. Running the prototype as is generates a knowledge base (accessible through Fuseki), which also includes the results of the risk identification process, as well as the following deleted network physical attack maps:

Cluster

This tool hopes that you will be able to use the Akka framework and be able to distribute risk identification workload among multiple nodes. Akka distributed Worker samples have been formed in the project to be used as templates. Next, we can use multiple nodes to run the cluster as follows.

1. Enable Cassandra:

$sbt "runMain org.sba_research.worker.Main cassandra"

2. Open the first seed node:

$sbt "runMain org.sba_research.worker.Main 2551"

3. Open a front-end node:

$sbt "runMain org.sba_research.worker.Main 3001"

4. Open a Worker node (the second parameter represents the number of Worker participants, for example, 3):

$sbt "runMain org.sba_research.worker.Main 5001 3"

If you run these nodes on separate devices, you will need to adapt the Akka configuration information in the configuration file.

Thank you for your reading, the above is the content of "how to automatically identify security risks based on AutomationML engineering data". After the study of this article, I believe you have a deeper understanding of how to automatically identify security risks based on AutomationML engineering data. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.