Integrating Six-Step Model with Information Flow Diagrams for Comprehensive Analysis of Cyber-Physical System Safety and Security

Sabaliauskaite, Giedre; Adepu, Sridhar

doi:10.1109/hase.2017.25

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

Section: B Resultsmentioning

confidence: 99%

“…The developed tool provides a bidirectional transformation between joined AFT model and independent models The AFT model can be transferred to UPPAAL for quantitative analysis purposes, e.g., reliability. 31) Sabaliauskaite and Adepu (2017) [46] extend the sixstep model for design of safe and secure CPSs with support for identification of possible failures and cyber attacks. In the first two steps of the approach, the functions/requirements are defined together with the system architecture.…”

Section: ) Raspotning Et Al (2012) [10] Present Combined Harmmentioning

confidence: 99%

Safety and Security Co-Analyses: A Systematic Literature Review

Lisova

¹

,

Šljivo

²

,

Čaušević

³

2019

IEEE Systems Journal

View full text Add to dashboard Cite

Latest technological trends lead towards systems connected to public networks even in critical domains. Bringing together safety and security work is becoming imperative, as a connected safety-critical system is not safe if it is not secure. The main objective of this study is to investigate the current status of safety and security co-analysis in system engineering by conducting a Systematic Literature Review. The steps of the review are the following: the research questions identification; agreement upon a search string; applying the search string to chosen databases; a selection criterion formulation for the relevant publications filtering; selected papers categorization and analysis. We focused on the early system development stages and identified 33 relevant publications categorized as: combined safety and security approaches that consider the mutual influence of safety and security; safety informed security approaches that consider influence of safety on security; security informed safety approaches that consider influence of security on safety. The results showed that a number of identified approaches are driven by needs in fast developing application areas, e.g., automotive, while works focusing on combined analysis are mostly application area independent. Overall, the study shows that safety and security co-analysis is still a developing domain.

show abstract

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

Section: B Resultsmentioning

confidence: 99%

Safety and Security Co-Analyses: A Systematic Literature Review

Lisova

¹

,

Šljivo

²

,

Čaušević

³

2019

2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)

View full text Add to dashboard Cite

Latest technological trends lead towards systems connected to public networks even in critical domains. Bringing together safety and security work is becoming imperative, as a connected safety-critical system is not safe if it is not secure. The main objective of this study is to investigate the current status of safety and security co-analysis in system engineering by conducting a Systematic Literature Review. The steps of the review are the following: the research questions identification; agreement upon a search string; applying the search string to chosen databases; a selection criterion formulation for the relevant publications filtering; selected papers categorization and analysis. We focused on the early system development stages and identified 33 relevant publications categorized as: combined safety and security approaches that consider the mutual influence of safety and security; safety informed security approaches that consider influence of safety on security; security informed safety approaches that consider influence of security on safety. The results showed that a number of identified approaches are driven by needs in fast developing application areas, e.g., automotive, while works focusing on combined analysis are mostly application area independent. Overall, the study shows that safety and security co-analysis is still a developing domain.

show abstract

“…The challenge, therefore, is to develop methods that can strike an appropriate balance between those two aspects of scalability, so that the analysis results in an appropriate and practically useful level of detail. • The majority (55) of the reviewed methods provide mechanisms to stimulate creativity among the analysts and other relevant stakeholders. As many methods rely, at least to some extent, on scenario development, creativity is an important characteristic.…”

Section: Discussionmentioning

confidence: 99%

Cybersecurity and Safety Co-Engineering of Cyberphysical Systems—A Comprehensive Survey

Kavallieratos

¹

,

Katsikas

²

,

Gkioulos

³

2020

View full text Add to dashboard Cite

Safeguarding both safety and cybersecurity is paramount to the smooth and trustworthy operation of contemporary cyber physical systems, many of which support critical functions and services. As safety and security have been known to be interdependent, they need to be jointly considered in such systems. As a result, various approaches have been proposed to address safety and cybersecurity co-engineering in cyber physical systems. This paper provides a comprehensive survey of safety and cybersecurity co-engineering methods, and discusses relevant open issues and research challenges. Despite the extent of the existing literature, several aspects of the subject still remain to be fully addressed.

show abstract

Integrating Six-Step Model with Information Flow Diagrams for Comprehensive Analysis of Cyber-Physical System Safety and Security

Cited by 19 publications

References 12 publications

Safety and Security Co-Analyses: A Systematic Literature Review

Safety and Security Co-Analyses: A Systematic Literature Review

Safety and Security Co-Analyses: A Systematic Literature Review

Cybersecurity and Safety Co-Engineering of Cyberphysical Systems—A Comprehensive Survey

Contact Info

Product

Resources

About