Language-driven assurance for regulatory compliance of control systems

We present a novel approach to precisely specify constraints mandated by regulatory requirements on a control system and monitor the corresponding compliance status in near-real-time. Our research focuses on the design of a language that bridges the gap between abstract regulatory policies and the realities of implementation. Essentially, each regulatory check, a "policy monitor", is authored in a new language we are developing called ADACS (Autonomous component-based policy Description Language for Anomaly monitoring in Control Systems). The semantics of our language are closer to discrete real-time system interactions expressed as events encoded in XML messages, and the language is compiled into binaries of a general purpose language that is portable across many hardware and software platforms. Considering a large number of legacy SCADA systems in place today along with the sensitive nature of their operation, we rely on rapid modeling and simulation of control system components to develop policy monitors in ADACS. Simulation of the system operational behavior facilitates the authoring, tailoring and tuning the corresponding language elements that watch for violations of the regulated behavior. In addition the ability to simulate system interdependencies allow the language author to verify the policy monitors, which will later be used in a live SCADA environment. We anticipate that out-of-band XML-based event generation from distributed and heterogeneous legacy SCADA systems will suit well to integrate the policy monitors developed currently in the simulation environment. The syntax and semantics of ADACS language and events are described, and finally we discuss our future research directions.