Formal Modelling and Analysis of Socio-Technical Systems

TitleFormal Modelling and Analysis of Socio-Technical Systems
Publication TypeBook Chapter
Year of Publication2015
AuthorsProbst C.W, Kammüller F., R. Hansen R
EditorProbst C.W, Hankin C., R. Hansen R
Book TitleSemantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays
Series TitleLecture Notes in Computer Science
PublisherSpringer Verlag
Keywordsanalysis, Formal Modelling, Socio-Technical Systems

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to socio-technical systems. On the informal side, we show how to steal a birthday cake from a bakery by social engineering.