Safety and Security Co-Analyses: A Systematic Literature Review

Over the past decade, technological development has led to systems being connected to public networks in many critical domains. In such systems, bringing safety and security work together has become even more important, as a connected safety-critical system is not safe if it is not secure. Given this, the main goal of this study is to investigate the current status of safety and security co-analysis in system engineering by conducting a Systematic Literature Review. In this work we have focused on the early system development stages and identified 33 relevant publications, categorised as: combined safety and security approaches that consider the mutual influence of safety and security; safety-informed security approaches that consider the influence of safety on security; and security-informed safety approaches that consider the influence of security on safety. The results showed that a number of the identified approaches are driven by needs in fast-developing application areas, e.g., automotive, while works focusing on combined analysis are mostly application-area independent. Overall, the study shows that safety and security co-analysis is still a developing domain, which requires solutions that rely on two separate disciplines, namely safety and security engineering.