Making SafeConcert Security-informed to Enable Multi-concern Modelling
2020 (English)
In: 30th European Safety and Reliability Conference ESREL-2020, Venice, Italy: Research Publishing Services, 2020, p. 2049-2056
Conference paper, Published paper (Refereed)
Abstract [en]
Connected dependable embedded systems communicate over networks to provide their services. Applications of such systems include space, process automation, automotive, etc. In such complex systems, safety and security assurance requires co-engineering, co-analysis and co-assessment approaches to enable a joint view and also to manage trade-offs between them. Nevertheless, such multi-concern assurance is challenging due to the increased connectivity, which results in increased attack surfaces, as well as the lack of a common language for describing security concepts and their relation to safety concepts. For instance, demonstrations of security attacks in the space and automotive domains, and real-life attacks in the industrial control system domain, highlight the need for security-informed engineering and assurance processes for such systems. The SafeConcert metamodel conceptualises dependability, with a focus on safety, and is implemented as the dependability profile of CHESSML (CHESS Modelling Language). CHESS is a methodology and an open source toolset. The toolset implements CHESSML for high-integrity component-based systems engineering. By implementing CHESSML, the CHESS toolset offers modelling capabilities at different abstraction levels as well as qualitative and quantitative analysis techniques. In this paper, we conceptualise security and extend the SafeConcert metamodel to enable multi-concern modelling. Then, we use the extended SafeConcert to model a simplified but functionally realistic Attitude Control System (ACS) to show its adequacy for expressing essential concepts as per the ECSS (European Cooperation for Space Standardization) standards series. Finally, we draw our conclusions and outline future work.
Place, publisher, year, edition, pages
Venice, Italy: Research Publishing Services, 2020. p. 2049-2056
Keywords [en]
Dependability, Multi-concern Modelling, SafeConcert, Security-informed Safety, Standards
National Category
Engineering and Technology; Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-49320
DOI: 10.3850/978-981-14-8593-0_5339-cd
Scopus ID: 2-s2.0-85110379362
OAI: oai:DiVA.org:mdh-49320
DiVA, id: diva2:1453107
Conference
30th European Safety and Reliability Conference ESREL-2020, Venice, Italy, 1-5 Nov 2020
Projects
AMASS - Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems
Safe and Secure Adaptive Collaborative Systems
2020-07-08, 2020-07-08, 2023-05-24
Bibliographically approved