Towards Safety and Security Testing of Cyberphysical Power Systems by Shape Validation

TL;DR

This paper introduces a declarative, ontology-based approach using Semantic Web technologies and shape constraints to automatically evaluate safety and security in complex cyberphysical power systems.

Contribution

It presents a novel framework combining ontologies, rules, and SHACL constraints for automated safety and security validation in power systems.

Findings

Ontology-based modeling enables interoperability and expressivity.

Shape validation effectively verifies safety and security constraints.

Use cases demonstrate practical applicability and potential for community development.

Abstract

The increasing complexity of cyberphysical power systems leads to larger attack surfaces to be exploited by malicious actors and a higher risk of faults through misconfiguration. We propose to meet those risks with a declarative approach to describe cyberphysical power systems and to automatically evaluate security and safety controls. We leverage Semantic Web technologies as a well-standardized framework, providing languages to specify ontologies, rules and shape constraints. We model infrastructure through an ontology which combines external ontologies, architecture and data models for sufficient expressivity and interoperability with external systems. The ontology can enrich itself through rules defined in SPARQL, allowing for the inference of knowledge that is not explicitly stated. Through the evaluation of SHACL shape constraints we can then validate the data and verify safety and security constraints. We demonstrate this concept with two use cases and illustrate how this solution can be developed further in a community-driven fashion.