Lou, XinxinZid, Ines BenParekh, MithilGao, YuanEibl, MaximilianGaedke, Martin2017-08-282017-08-282017978-3-88579-669-5In life-critical and safety-critical systems, one small fault can lead to huge financial and personal damages. How to reduce system failure is an important question for engineers. After the software crisis, formal methods were proposed, which have been proved to effectively reduce the risk of failure. However, the formal method is somehow not as popular as expected, because it is not easy to master, and furthermore, lacks sufficient tools to support this method. In contrast, semi-formal method as a model-driven way is widely used in industry. In this paper, we attempt to apply an application of the semi-formal method to reduce security vulnerabilities of industrial systems. Furthermore, using CSlang, different Information Security Indicators (ISI) can be represented for Industrial Automation and Control Systems (IACS).enSemi-formal methodCSlangcyber securityformal method10.18420/in2017_1031617-5468