Abstract: The present invention relates to a method for automatic translation of ladder logic to a SMT-based model checker in a network comprising defining (10) the topology of the network as an enriched network topology based on packets exchanged in the network, extracting (20) a program from the packets relating to a PLC in the network and identifying inputs, outputs, variables and a ladder diagram of the PLC, translating (30) the inputs, outputs, variables and ladder diagram into a predefined formal model, wherein the predefined formal model is a circuit-like SMT-based model checker, and wherein the translating (30) comprises translating the set of data types of the program according to a predefined model set of data types of the circuit-like SMT-based model checker, translating the inputs of the PLC as model inputs of the circuit-like SMT-based model checker of the same type, translating the outputs of the PLC as model output latches of the circuit-like SMT-based model checker of the same type, translating the vari

Abstract: The present invention relates to a method for automatic derivation of attack paths in a network comprising defining the topology of the network as an enriched network topology, identifying the vulnerabilities of the topology as vulnerabilities information artifacts, building the atomic attack database of the network based on the topology and the vulnerabilities, translating the enriched network topology, the vulnerabilities information artifacts and the atomic attack database into a predefined formal model, executing a predefined SMT-based model checker for the predefined formal model to seek counterexamples and deriving the attack paths from the counterexamples, wherein the defining the topology comprises running, by a computerized data processing unit operatively connected to the network, a module of deep packet inspection of the network to build a network topology based on the information derived from the deep packet inspection module, running, by the computerized data processing unit, a module of active q

Abstract: The present invention relates to a method for automatic translation of ladder logic to a SMT-based model checker in a network comprising defining (10) the topology of the network as an enriched network topology based on packets exchanged in the network, extracting (20) a program from the packets relating to a PLC in the network and identifying inputs, outputs, variables and a ladder diagram of the PLC, translating (30) the inputs, outputs, variables and ladder diagram into a predefined formal model, wherein the predefined formal model is a circuit-like SMT-based model checker, and wherein the translating (30) comprises translating the set of data types of the program according to a predefined model set of data types of the circuit-like SMT-based model checker, translating the inputs of the PLC as model inputs of the circuit-like SMT-based model checker of the same type, translating the outputs of the PLC as model output latches of the circuit-like SMT-based model checker of the same type, translating the vari

Abstract: The present invention relates to a method for automatic derivation of attack paths in a network comprising defining the topology of the network as an enriched network topology, identifying the vulnerabilities of the topology as vulnerabilities information artifacts, building the atomic attack database of the network based on the topology and the vulnerabilities, translating the enriched network topology, the vulnerabilities information artifacts and the atomic attack database into a predefined formal model, executing a predefined SMT-based model checker for the predefined formal model to seek counterexamples and deriving the attack paths from the counterexamples, wherein the defining the topology comprises running, by a computerized data processing unit operatively connected to the network, a module of deep packet inspection of the network to build a network topology based on the information derived from the deep packet inspection module, running, by the computerized data processing unit, a module of active q