In today’s highly interconnected and technology-reliant environment, cybersecurity is no longer limited to traditional computer systems and IT networks, as a number of highly publicized attacks have occurred against complex cyber-physical systems such as automobiles and airplanes. While numerous vulnerability analysis and architecture analysis approaches are in use, these approaches are often focused on realized systems with limited solution space. A more effective approach for understanding security and resiliency requirements early in the system development is needed. One such approach, system-theoretic process analysis for security (STPA-Sec), addresses the cyber-physical security problem from a systems viewpoint at the conceptual stage when the solution trade-space is largest rather than merely examining components and adding protections during production, operation, or sustainment. This paper uniquely provides a detailed and independent evaluation of STPA-Sec’s utility for eliciting, defining, and understanding security and resiliency requirements for a notional next generation aerial refueling platform.