Incorporating attacks modeling into safety process
2018 (English) In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, 2018, Vol. 11094, p. 31-41. Conference paper, Published paper (Refereed)
Abstract [en]
Systems of systems (SoS) are built as a collection of systems capable of fulfilling their own function, as well as contributing to other functionalities. They are expected to increase production efficiency and possibly decrease human involvement in harmful environments, and in many cases such systems are safety-critical. For SoS it is paramount to provide both safety and security assurance. It is not sufficient to analyze and provide assurance of these properties independently due to their mutual connection. Hence, a joint effort addressing safety and security that provides joint guarantees on both properties is required. In this paper we provide a safety and security assurance argument by incorporating an adversary point of view, and identify potential failures coming from the security domain that might lead to an already identified set of hazards. In this way system assets, vulnerabilities and ways to exploit them can be assessed. As an outcome, mitigation strategies coming from security considerations can be captured by the safety requirements. The approach is illustrated on an autonomous quarry.
Place, publisher, year, edition, pages
Springer Verlag, 2018. Vol. 11094, p. 31-41
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 11094
Keywords [en]
Safety engineering, Systems engineering, Increase productions, Mitigation strategy, Potential failures, Safety and securities, Safety requirements, Security considerations, Security domains, Systems of systems, System of systems
National Category
Computer Systems; Embedded Systems
Identifiers
URN: urn:nbn:se:mdh:diva-41127
DOI: 10.1007/978-3-319-99229-7_4
ISI: 000458807000004
Scopus ID: 2-s2.0-85053870453
ISBN: 9783319992280 (print)
OAI: oai:DiVA.org:mdh-41127
DiVA, id: diva2:1254709
Conference
ASSURE, DECSoS, SASSUR, STRIVE, and WAISE 2018 co-located with 37th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2018; Västerås; Sweden; 18 September 2018 through 21 September 2018
2018-10-10 2018-10-10 2019-03-07 Bibliographically approved