Finding Threats with Hazards in the Concept Phase of Product Development

Ito, Masao

doi:10.1007/978-3-662-43896-1_25

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

Section: B Resultsmentioning

confidence: 99%

“…These values along with control risk reflecting safety and security design assessment define safety-security risk of an incident. 6) Ito (2014) [15] proposes an analysis for threats and hazards identification as an extension of the hazard identification approach CARDION. The approach is iterative and includes four phases: system sketching; top goal identification and its decomposition; applying HAZOP guidewords to each goal; threat and hazards identification.…”

Section: ) Raspotning Et Al (2012) [10] Present Combined Harmmentioning

confidence: 99%

Safety and Security Co-Analyses: A Systematic Literature Review

Lisova

¹

,

Šljivo

²

,

Čaušević

³

2019

IEEE Systems Journal

View full text Add to dashboard Cite

Latest technological trends lead towards systems connected to public networks even in critical domains. Bringing together safety and security work is becoming imperative, as a connected safety-critical system is not safe if it is not secure. The main objective of this study is to investigate the current status of safety and security co-analysis in system engineering by conducting a Systematic Literature Review. The steps of the review are the following: the research questions identification; agreement upon a search string; applying the search string to chosen databases; a selection criterion formulation for the relevant publications filtering; selected papers categorization and analysis. We focused on the early system development stages and identified 33 relevant publications categorized as: combined safety and security approaches that consider the mutual influence of safety and security; safety informed security approaches that consider influence of safety on security; security informed safety approaches that consider influence of security on safety. The results showed that a number of identified approaches are driven by needs in fast developing application areas, e.g., automotive, while works focusing on combined analysis are mostly application area independent. Overall, the study shows that safety and security co-analysis is still a developing domain.

show abstract

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

Section: B Resultsmentioning

confidence: 99%

Safety and Security Co-Analyses: A Systematic Literature Review

Lisova

¹

,

Šljivo

²

,

Čaušević

³

2019

2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)

View full text Add to dashboard Cite

Latest technological trends lead towards systems connected to public networks even in critical domains. Bringing together safety and security work is becoming imperative, as a connected safety-critical system is not safe if it is not secure. The main objective of this study is to investigate the current status of safety and security co-analysis in system engineering by conducting a Systematic Literature Review. The steps of the review are the following: the research questions identification; agreement upon a search string; applying the search string to chosen databases; a selection criterion formulation for the relevant publications filtering; selected papers categorization and analysis. We focused on the early system development stages and identified 33 relevant publications categorized as: combined safety and security approaches that consider the mutual influence of safety and security; safety informed security approaches that consider influence of safety on security; security informed safety approaches that consider influence of security on safety. The results showed that a number of identified approaches are driven by needs in fast developing application areas, e.g., automotive, while works focusing on combined analysis are mostly application area independent. Overall, the study shows that safety and security co-analysis is still a developing domain.

show abstract

“…In Ito (2014), the author proposes an extension of his own method called CARDION Ito and Kishida (2014), which initially aims to perform risk analysis, adapted to the automotive world. In this extension, a consideration of threats has been added.…”

Section: Extension Of Cardion Methodsmentioning

confidence: 99%

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Boyer¹,

Chelim²,

Sobieraj³

2021

Proceedings of the 31st European Safety and Reliability Conference (ESREL 2021)

2

0

View full text Add to dashboard Cite

More and more ground transports are being used (vehicles, trucks, buses, taxis. . . ) and they remain one of the most dangerous means of transport in the world. However, vehicles are increasingly connected and autonomous with the aim of making travel safer, cleaner and more efficient. They are now able to share and communicate information between themselves and their environment in real time, helping to reduce accidents, traffic congestion and greenhouse gas emissions. These vehicles are Cyber-Physical Systems (CPS), i.e. systems made up of mechanisms that capable of controlling physical entities. In order to guarantee the robustness of such systems, they must meet two main criteria: safety and security. However, safety and security are currently dealt with independently. The reasons for this are both historical and normative. One idea is therefore to combine these two criteria in order to obtain the most robust vehicle possible. In this article, we propose to highlight recent advances in the combined study of safety and security, focused on the autonomous vehicle. To do this, we have carried out a preliminary analysis of the existing situation and a cartographic study listing the articles dealing with this combination. Various qualitative and quantitative analyses of the existing situation are present in the literature, generally focused on CPS. Then, based on this study, we grouped the articles according to two categories: those highlighting the interests and possibilities of such a combination and those presenting hybrid methods in detail.

show abstract

Finding Threats with Hazards in the Concept Phase of Product Development

Cited by 9 publications

References 8 publications

Safety and Security Co-Analyses: A Systematic Literature Review

Safety and Security Co-Analyses: A Systematic Literature Review

Safety and Security Co-Analyses: A Systematic Literature Review

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Contact Info

Product

Resources

About