Safety and Security Co-Analyses: A Systematic Literature Review

Recent technological trends lead toward systems connected to public networks, even in critical domains. Bringing safety and security work together is becoming imperative, since a connected safety-critical system is not safe if it is not secure. The main objective of this study is to investigate the current status of safety and security co-analysis in systems engineering by conducting a systematic literature review. The review proceeded in the following steps: identifying the research questions; agreeing on a search string; applying the search string to the chosen databases; formulating selection criteria for filtering the relevant publications; and categorizing and analyzing the selected papers. We focused on the early system development stages and identified 33 relevant publications, categorized as follows: combined safety and security approaches, which consider the mutual influence of safety and security; safety-informed security approaches, which consider the influence of safety on security; and security-informed safety approaches, which consider the influence of security on safety. The results show that a number of the identified approaches are driven by needs in fast-developing application areas, e.g., automotive, while works focusing on combined analysis are mostly independent of the application area. Overall, the study shows that safety and security co-analysis is still a developing domain.
