Towards Combined Safety and Security Constraints Analysis

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

“…The approach provides unified safety and security constructs that minimise safety and security integration effort in automotive domain, and enable non-security engineers to identify information assets and protection goals. 24) Friedberg et al (2017) [39] present a combined analysis method for safety and security called STPA-SafeSec based on STPA [40] and STPA-Sec [6], and used to choose the most effective mitigation strategies to ensure system safety and security. The benefits of the approach is unified safety and security consideration while choosing suitable mitigation strategies, a possibility to prioritize the most critical system components for an in-depth security analysis (e.g.…”

“…25) Howard et al (2017) [41] propose a method to identify and formally analyse safety and security requirements. This approach is based on the STPA [40] methodology and combined with modelling, traceability and formal verification through use of the Event-B formal method. The aim is to generate critical requirements to be able to prevent undesirable system states.…”

“…The approach includes quantitative analysis of AFTs and consideration of several safety-security scenarios, e.g., as-is scenario and what-if scenario, leading to identification of the most risky scenarios and selection of the most effective countermeasure. 27) Pereira et al (2017) [40] present an analysis built on a combination of STPA and guidelines from NIST SP800-30. The rationale behind the analysis is merging of a system based approach addressing safety and a component-based approach focused on threats and vulnerabilities.…”

Safety and Security Co-Analyses: A Systematic Literature Review

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

“…The approach provides unified safety and security constructs that minimise safety and security integration effort in automotive domain, and enable non-security engineers to identify information assets and protection goals. 24) Friedberg et al (2017) [39] present a combined analysis method for safety and security called STPA-SafeSec based on STPA [40] and STPA-Sec [6], and used to choose the most effective mitigation strategies to ensure system safety and security. The benefits of the approach is unified safety and security consideration while choosing suitable mitigation strategies, a possibility to prioritize the most critical system components for an in-depth security analysis (e.g.…”

“…25) Howard et al (2017) [41] propose a method to identify and formally analyse safety and security requirements. This approach is based on the STPA [40] methodology and combined with modelling, traceability and formal verification through use of the Event-B formal method. The aim is to generate critical requirements to be able to prevent undesirable system states.…”

“…The approach includes quantitative analysis of AFTs and consideration of several safety-security scenarios, e.g., as-is scenario and what-if scenario, leading to identification of the most risky scenarios and selection of the most effective countermeasure. 27) Pereira et al (2017) [40] present an analysis built on a combination of STPA and guidelines from NIST SP800-30. The rationale behind the analysis is merging of a system based approach addressing safety and a component-based approach focused on threats and vulnerabilities.…”

Safety and Security Co-Analyses: A Systematic Literature Review

“…The analysis proposed by [18] is based on FMEA that considers only single causes of an effect, which excludes multi-stage attacks consideration. The method presented by Popov (2015) [28] may require a more complex [24], [32], [40], [45], [46] [11], [33] Unified [6], [13], [15], [17], [23], [25], [34], [36], [39], [41], [42], [43], [35], [49] [10], [12], [18], [21], [26], [28], [29], [31], [37], [38], [44], [47] failure model to address failure dependencies and trade-offs between safety and security. The approach proposed by Wei et al (2015) [31] has a limitation in terms of failures connections.…”

Safety and Security Co-Analyses: A Systematic Literature Review

Model‐driven engineering of safety and security software systems: A systematic mapping study and future research directions