Role-based access control in wastewater treatment plants: An industrial use case





Publicado en

Actas de las XXVIII Jornadas de Ingeniería del Software y Bases de Datos (JISBD 2024)

Licencia Creative Commons


Wastewater treatment plants (WWTPs) are critical infrastructures that employ cyber-physical systems (CPSs) and Internet of Things technology to manage and treat water. These systems gather data from various components such as sensors and monitors. However, the distributed nature of these systems introduces significant security concerns. To address these concerns, role-based access control (RBAC) has emerged as a fundamental security mechanism to govern access and authorization within these distributed CPS environments. This paper presents an innovative approach that leverages model-driven engineering (MDE) to implement RBAC in the design and operation of WWTPs. By integrating RBAC specifications seamlessly within the CPS model, this approach ensures a coherent security framework throughout the system's lifecycle. The use of MDE enables the generation of code and the creation of role-based custom visualizations, improving user experience and strengthening data security. We highlight the potential of these modeling techniques using a real-world scenario from TRANSACT, a KDT Joint Undertaking aiming to provide a framework to transform standalone safety-critical CPSs into safe and secure distributed solutions.


Acerca de Gómez, Abel

Palabras clave

Model-driven Engineering (MDE), Role-based Access Control (RBAC), Wastewater Treatment Plant (WWTP), Code Generation
Página completa del ítem
Notificar un error en este artículo
Mostrar cita
Mostrar cita en BibTeX
Descargar cita en BibTeX