Inadequate Risk Analysis Might Jeopardize The Functional Safety of Modern Systems

In the early 90s, researchers began to focus on security as an important property to address in combination with safety. Over the years, researchers have proposed approaches to harmonize activities ...

[1]  S. Paul On The Meaning Of Security For Safety (S4S) , 2015 .

[2]  Michael Paulitsch,et al.  Security-Informed Safety Case Approach to Analysing MILS Systems , 2015, MILS@HiPEAC.

[3]  Nuno Silva,et al.  Adding Security Concerns to Safety Critical Certification , 2014, 2014 IEEE International Symposium on Software Reliability Engineering Workshops.

[4]  Sergey Bezzateev,et al.  Joint safety and security analysis for complex systems , 2013, 2013 13th Conference of Open Innovations Association (FRUCT).

[5]  Aditya P. Mathur,et al.  Aligning Cyber-Physical System Safety and Security , 2014, CSDM Asia.

[6]  J. Webster,et al.  Wiley Encyclopedia of Electrical and Electronics Engineering , 2010 .

[7]  Carl A. Gunter,et al.  Addressing Safety and Security Contradictions in Cyber-Physical Systems , 2009 .

[8]  Péter Kárpáti,et al.  A Combined Process for Elicitation and Analysis of Safety and Security Requirements , 2012, BMMDS/EMMSAD.

[9]  Luyi Li,et al.  Extracting interdependent requirements and resolving conflicted requirements of safety and security for industrial control systems , 2015, 2015 First International Conference on Reliability Systems Engineering (ICRSE).

[10]  T. Aven A unified framework for risk and vulnerability analysis covering both safety and security , 2011 .

[11]  Christoph Woskowski,et al.  A Pragmatic Approach towards Safe and Secure Medical Device Integration , 2014, SAFECOMP.

[12]  John A. Clark,et al.  Effective Security Requirements Analysis: HAZOP and Use Cases , 2004, ISC.

[13]  Frank Reichenbach,et al.  A Pragmatic Approach on Combined Safety and Security Risk Analysis , 2012, 2012 IEEE 23rd International Symposium on Software Reliability Engineering Workshops.

[14]  Edgar Nett,et al.  Uniform Approach of Risk Communication in Distributed IT Environments Combining Safety and Security Aspects , 2014, SAFECOMP Workshops.

[15]  William H. Sanders,et al.  Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective , 2014, SAFECOMP Workshops.

[16]  Andreas L. Opdahl,et al.  Comparing risk identification techniques for safety and security requirements , 2013, J. Syst. Softw..

[17]  David F. C. Brewer Applying Security Techniques to Achieving Safety , 1993 .

[18]  C. W. Johnson CyberSafety : On the Interactions between CyberSecurity and the Software Engineering of Safety-Critical Systems , 2011 .

[19]  David Cooper,et al.  SafSec: Commonalities Between Safety and Security Assurance , 2005, SSS.

[20]  Hans-Peter Schwefel,et al.  Quantitative Safety and Security Analysis from a Communication Perspective , 2014, VALUETOOLS.

[21]  Ludovic Piètre-Cambacédès,et al.  A survey of approaches combining safety and security for industrial control systems , 2015, Reliab. Eng. Syst. Saf..

[22]  Stig Ole Johnsen Resilience at Interfaces - Improvement of Safety and Security in Distributed Control Systems by Web of Influence , 2012, Inf. Manag. Comput. Secur..

[23]  Andrew C. Simpson,et al.  Safety through security , 1998, Proceedings Ninth International Workshop on Software Specification and Design.

[24]  Michael Paulitsch,et al.  Investigation into a layered approach to architecting security-informed safety cases , 2015, 2015 IEEE/AIAA 34th Digital Avionics Systems Conference (DASC).

[25]  Janusz Zalewski,et al.  Assessment of safety and security of system architectures for cyberphysical systems , 2013, 2013 IEEE International Systems Conference (SysCon).

[26]  Peter Palensky,et al.  Common approach to functional safety and system security in building automation and control systems , 2007, 2007 IEEE Conference on Emerging Technologies and Factory Automation (EFTA 2007).

[27]  Bruno Dutertre,et al.  From security to safety and back , 1998, Proceedings Computer Security, Dependability, and Assurance: From Needs to Solutions (Cat. No.98EX358).

[28]  Peter Liggesmeyer,et al.  Combination of Safety and Security Analysis - Finding Security Problems That Threaten The Safety of a System , 2013, DECS@SAFECOMP.

[29]  Jason Smith,et al.  Security as a Safety Issue in Rail Communications , 2003, SCS.

[30]  Carsten Rudolph,et al.  Security vs. safety: Why do people die despite good safety? , 2015, 2015 Integrated Communication, Navigation and Surveillance Conference (ICNS).

[31]  Alan Burns,et al.  On the Meaning of Safety and Security , 1992, Comput. J..

[32]  Ludovic Piètre-Cambacédès,et al.  Cross-fertilization between safety and security engineering , 2013, Reliab. Eng. Syst. Saf..

[33]  Andrew J. Kornecki,et al.  Safety and security in industrial control , 2010, CSIIRW '10.

[34]  Nuno Silva,et al.  Practical Experiences with real-world systems: Security in the world of reliable and safe systems , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).

[35]  T. J Cockram,et al.  Combining Security and Safety Principles in Practice , 2007 .

[36]  Hailin Li,et al.  The merging trend of software security and safety , 2011, 2011 International Conference on Quality, Reliability, Risk, Maintenance, and Safety Engineering.

[37]  Artem Boyarchuk,et al.  Security Informed Safety Assessment of NPP I&C Systems: GAP-IMECA Technique , 2014 .

[38]  Saad Zafar,et al.  Integrating safety and security requirements into design of an embedded system , 2005, 12th Asia-Pacific Software Engineering Conference (APSEC'05).

[39]  Andreas L. Opdahl,et al.  Enhancing CHASSIS: A Method for Combining Safety and Security , 2013, 2013 International Conference on Availability, Reliability and Security.

[40]  Thomas Novak,et al.  Safety- and Security-Critical Services in Building Automation and Control Systems , 2010, IEEE Transactions on Industrial Electronics.

[41]  Christoph Schmittner,et al.  Towards a Framework for Alignment Between Automotive Safety and Security Standards , 2014, SAFECOMP Workshops.

[42]  Andrew J. Kornecki,et al.  Studying interrelationships of safety and security for software assurance in cyber-physical systems: Approach based on bayesian belief networks , 2013, 2013 Federated Conference on Computer Science and Information Systems.

[43]  Albert Treytl,et al.  Functional safety and system security in automation systems - a life cycle model , 2008, 2008 IEEE International Conference on Emerging Technologies and Factory Automation.

[44]  Nancy G. Leveson,et al.  Systems thinking for safety and security , 2013, ACSAC.

[45]  Eric Armengaud,et al.  A Combined Safety-Hazards and Security-Threat Analysis Method for Automotive Systems , 2014, SAFECOMP Workshops.

[46]  Robert J. Stroud,et al.  Security-Informed Safety: If It's Not Secure, It's Not Safe , 2013, SERENE.

[47]  R. Piggin,et al.  Combined Security and Safety Risk Assessment - What Needs to be Done For ICS and The IOT , 2015 .

[48]  Frédérique Vallee,et al.  Convergence of the Latest Standards Addressing Safety and Security for Information Technology , 2010 .

[49]  Jonathan D. Moffett,et al.  The Integration of Safety and Security Requirements , 1999, SAFECOMP.

[50]  Rune Winther,et al.  Security Assessments of Safety Critical Systems Using HAZOPs , 2001, SAFECOMP.

[51]  Masao Ito Finding Threats with Hazards in the Concept Phase of Product Development , 2014, EuroSPI.

[52]  Gary Stoneburner Toward a Unified Security-Safety Model , 2006, Computer.

[53]  Igor Nai Fovino,et al.  Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[54]  Nancy G. Leveson,et al.  Inside Risks An Integrated Approach to Safety and Security Based on Systems Theory , 2013 .