Safety Assessment of Computer Systems Using Hazop and Audit Techniques

Chudleigh, Morris F.; Catmur, J.R.

doi:10.1016/b978-0-08-041893-3.50051-3

Cited by 10 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Meanwhile, there is also a large body of research work and industrial experience to draw upon. On the one hand, there are well-established approaches for safety-critical system engineering (e.g., HAZOP [10] and FMEA [11]), and noticeable efforts (e.g., [12], [5]) have been devoted to extending some of those methodologies to also consider the security aspect. On the other hand, security assessment methodologies for ICT systems have been studied and applied for a few decades (e.g., [6], [13], [14]), with several recent efforts focusing on cybersecurity issues of critical infrastructures (e.g., [15], [16]).…”

Section: Applying Existing Security Analysis Approachesmentioning

confidence: 99%

Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective

Chen¹,

Schmittner²,

Ma³

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Urban railway systems are increasingly relying on information and communications technologies (ICT). This evolution makes cybersecurity an important concern, in addition to the traditional focus on reliability, availability, maintainability and safety. In this paper, we examine two examples of cyberintensive systems in urban railway environments-a communications-based train control system, and a mobile app that provides transit information to commutersand use them to study the challenges for conducting security analysis in this domain. We show the need for a cyber-physical perspective in order to understand the cross-domain attack/defense and the complicated physical consequence of cyber breaches. We present security analysis results from two different methods that are used in the safety and ICT security engineering domains respectively, and use them as concrete references to discuss the way to move forward.

show abstract

Section: Applying Existing Security Analysis Approachesmentioning

confidence: 99%

Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective

Chen¹,

Schmittner²,

Ma³

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Hazard and operability studies (HAZOPs) [47], is a systematic approach to identifying the hazards and operating problems occurring in the design of system and the interaction between subsystems. HAZOPs are implemented by means of review meetings of experts with knowledge of the system requirements, often going down to component level failures.…”

Section: Safety Critical Softwarementioning

confidence: 99%

High integrity real-time software

Allerton

2007

Proceedings of the Institution of Mechanical Engineers, Part G:

View full text Add to dashboard Cite

This paper reviews the techniques and issues in developing high integrity real-time software in the aerospace industry. It explains the methods used to achieve high levels of reliability by deploying fault-tolerant hardware architectures. The aspects of software design and programming languages, which influence the safety of software, are introduced. The paper also outlines the need to verify the performance of real-time software. The major part of the paper focuses on the methods used in the certification of software for safety critical applications, covering software development methods used on large programmes. The standard DO-178B has been widely adopted for the certification of software for civil applications in the aerospace industry and the impact of this standard on software development methods for civil aircraft is summarized. The paper concludes with a review of future trends in software development, particularly the use of automatic code generation methods and schematic capture in the software design phase.

show abstract

“…The connection between these quantities and software reliability is also of a qualitative nature. It is also suggested to apply traditional methods in probabilistic safety assessment (PSA) to software (Cudleigh and Catmur 1992, Leveson 1995, Dahll 1997. As reasons for this choice, it is argued that these methods are well tried, standardized, documented and familiar to customers (StaÊ lhane 1997).…”

Section: Introductionmentioning

confidence: 98%

Use of Bayesian Belief Networks when combining disparate sources of information in the safety assessment of software-based systems

Gran¹

2002

International Journal of Systems Science

View full text Add to dashboard Cite

The paper discusses how disparate sources of information can be combined in the safety assessment of software-base d systems. The emphasis is put on an emerging methodology, relevant for intelligent product-suppor t systems, to combine information about disparate evidences systematically based on Bayesian Belief Networks. The objective is to show the link between basic information and the con®dence one can have in a system. How one combines the Bayesian Belief Net (BBN) method with a software safety standard (RTCA/DO-178B) for safety assessment of software-based systems is also discussed. Finally, the applicability of the BBN methodology and experiences from cooperative research work together with Kongsberg Defence & Aerospace and Det Norske Veritas, and ongoing research with VTT Automation are presented.

show abstract

Safety Assessment of Computer Systems Using Hazop and Audit Techniques

Cited by 10 publications

References 1 publication

Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective

Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective

High integrity real-time software

Use of Bayesian Belief Networks when combining disparate sources of information in the safety assessment of software-based systems

Contact Info

Product

Resources

About