Quantitative Assessment of Safety and Security of System Architectures for Cyberphysical Systems Using the NFR Approach

Subramanian, Nary; Zalewski, Janusz

doi:10.1109/jsyst.2013.2294628

Cited by 39 publications

(29 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3) Subramanian method Subramanian proposed the following method that NFR framework is applied to analyse safety and security [4]. Safety and security are decomposed by using non-functional softgoals.…”

Section: ) Check List Based Methodsmentioning

confidence: 99%

An Approach for Evaluating Softgoals Using Weight

Yamamoto

2015

Information and Communication Technology

View full text Add to dashboard Cite

Part 7: Dependable Systems and ApplicationsInternational audienceThe resolution of conflicts among non-functional requirements are difficult problem during the analysis of non-functional requirements. To mitigate the problem, the weighted softgoal is proposed based on the Softgoal Interdependency Graphs (SIG) that help engineers resolve conflicts among non-functional requirements. It is also shown evaluation results of the weighted SIG applications to develop non-functional requirements and choose alternative design decisions

show abstract

Section: ) Check List Based Methodsmentioning

confidence: 99%

An Approach for Evaluating Softgoals Using Weight

Yamamoto

2015

Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…It consists of a master unit that controls the working of the entire system by reading sensors and activating actuators throughout a distributed plant. The process for converting non-functional requirements to a quantitative assessment of security is outlined in this section, based on a related earlier publication [59].…”

Section: Case Study #4 Non-functional Requirementsmentioning

confidence: 99%

“…NFR considers properties of a system such as reliability, maintainability, flexibility, scalability, etc., and could equally well consider functional objectives. The NFR uses a well-defined ontology for this purpose that includes NFR softgoals, operationalizing softgoals, claim softgoals, contributions, and propagation rules; each of these elements is described briefly below [59]. Furthermore, since strictly quantitative assessment of soft or vaguely defined properties is difficult, the NFR Approach uses the concept of satisficing, a term borrowed from economics, which indicates satisfaction within limits instead of absolute satisfaction of the goal.…”

Section: Outline Of the Nfr Approach [59]mentioning

confidence: 99%

“…The final step in the application of the NFR Approach is to apply the propagation rules, the details of which have been presented in an earlier paper [59].…”

Section: Applying the Nfr Approachmentioning

confidence: 99%

“…Example calculations using the single-value scheme are shown in Figure 18 (right). Applying this scheme, we get a metric of´8 for security; details are given in [59]. However, we have the complete rationale for these metrics and more importantly we know how to improve (or even reduce) a desired metric.…”

Section: Applying the Nfr Approachmentioning

confidence: 99%

See 2 more Smart Citations

A Framework for Measuring Security as a System Property in Cyberphysical Systems

et al. 2016

Self Cite

View full text Add to dashboard Cite

This paper addresses the challenge of measuring security, understood as a system property, of cyberphysical systems, in the category of similar properties, such as safety and reliability. First, it attempts to define precisely what security, as a system property, really is. Then, an application context is presented, in terms of an attack surface in cyberphysical systems. Contemporary approaches related to the principles of measuring software properties are also discussed, with emphasis on building models. These concepts are illustrated in several case studies, based on previous work of the authors, to conduct experimental security measurements.

show abstract

Aviation Software: Safety and Security

Kornecki

Zalewski

2015

Wiley Encyclopedia of Electrical and Electronics Engineering

View full text Add to dashboard Cite

Aviation systems, both airborne and ground, (e.g., flight controls, avionics, engine control, and air traffic control) are typical examples of safety‐critical, real‐time systems. Such systems continue to become more complex and are extremely software reliant. Modern aircrafts, composed on numerous software‐controlled systems, operate within constraints of a National Airspace System (NAS) that includes air traffic management, weather services, airline and airport operations, communication facilities, navigation infrastructure, and so on. NAS is a software‐intensive system of systems with multiple components and of incredible complexity. Software is critical in all aspects of modern aviation, whether it is for development, operation flexibility, or fault tolerance. Technological progress, particularly in the electronics and computing areas, changed the aviation industry. Safety has always been a critical factor for aviation; with increased interconnectivity of networked systems and potential vulnerability for malicious attacks, security becomes likewise important. This chapter presents basic concepts and definitions of safety and security together with their mutual relationship. Representative techniques, methods, and tools used to facilitate software assurance are discussed. In addition, the chapter introduces regulations and certification guidance as applied to the development of software‐intensive aviation systems from the perspective of safety and security.

show abstract

Quantitative Assessment of Safety and Security of System Architectures for Cyberphysical Systems Using the NFR Approach

Cited by 39 publications

References 7 publications

An Approach for Evaluating Softgoals Using Weight

An Approach for Evaluating Softgoals Using Weight

A Framework for Measuring Security as a System Property in Cyberphysical Systems

Aviation Software: Safety and Security

Contact Info

Product

Resources

About