Timed Automata as a Formalism for Expressing Security: A Survey on Theory and Practice

• Published in: ACM computing surveys Vol. 55; no. 6; pp. 1 - 36
• Main Authors: Arcile, Johan, André, Étienne
• Format: Journal Article
• Language: English
• Published: New York, NY ACM 31.07.2023; Association for Computing Machinery
• Subjects: attack trees; Automata theory; Clocks; Computer Science; Cryptography and Security; cybersecurity; Formal security models; Formalism; Logic and verification; Logic in Computer Science; opacity; Security; Security and privacy; survey; Theory of computation; Timed and hybrid models; timed automata; Verification by model checking; survey; opacity; Timed automata; attack trees; cybersecurity; timed automata
• ISSN: 0360-0300; 1557-7341
• DOI: 10.1145/3534967

Timed automata are a common formalism for the verification of concurrent systems subject to timing constraints. They extend finite-state automata with clocks, that constrain the system behavior in locations, and to take transitions. While timed automata were originally designed for safety (in the wide sense of correctness w.r.t. a formal property), they were progressively used in a number of works to guarantee security properties. In this work, we review works studying security properties for timed automata over the past two decades. We notably review theoretical works, with a particular focus on opacity, as well as more practical works, with a particular focus on attack trees and their extensions. We derive main conclusions concerning open perspectives, as well as tool support.