A Model-based Approach to Interdependency between Safety and Security in ICS

Wide use of modern ICT technologies brings not only communication efficiency but also security vulnerabilities into industrial control systems. Traditionally physically isolated systems are now required to take cyber security into consideration, since security problems might also lead to system failures. However, integrating security and safety analysis has always been a challenging issue, and the various interdependencies between the two make it even more difficult, because they might mutually enhance or undermine each other. The paper proposes an integrating framework to (i) formalise the desired and undesired properties of being safe (unsafe) or secure (insecure), including the dependencies between them, (ii) evaluate whether a query state reaches a safe (unsafe) or secure (insecure) state, and further quantify how safe or secure that state is. In this way, we can accurately capture the benign and harmful relations between safety and security, and in particular detect and measure conflicting impacts on them. Finally, this framework is implemented in answer set programming to enable automatic evaluation, which is demonstrated by a case study on pipeline transportation.
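The abstract only describes the framework at a high level. As an added illustration (not the paper's own formalisation or its answer set program; the measures, their effects and the threshold are constructed assumptions), the following Python sketch scores a query state on both properties, flags measures whose safety and security effects oppose each other, and enumerates the states that are both safe and secure:

```python
from itertools import combinations

# Constructed toy model (an assumption for illustration, not the paper's formalisation):
# measures on a pipeline segment, each with an effect on safety and on security
# (+1 enhances, -1 undermines, 0 neutral). A query state is the set of enabled measures.
MEASURES = {
    "remote_override":      {"safety": +1, "security": -1},  # vent pressure remotely; adds a reachable control path
    "link_encryption":      {"safety": -1, "security": +1},  # protects telemetry; adds latency to the control loop
    "local_interlock":      {"safety": +1, "security":  0},  # hard-wired relief, no network exposure
    "network_segmentation": {"safety":  0, "security": +1},  # isolates the SCADA link
}
THRESHOLD = 1  # score a property needs before the state counts as safe / secure (assumed)


def evaluate(state):
    """Score a query state on both properties and classify it as
    safe/unsafe and secure/insecure; the scores quantify the result."""
    scores = {p: sum(MEASURES[m][p] for m in state) for p in ("safety", "security")}
    return {
        "safety": scores["safety"],
        "security": scores["security"],
        "safe": scores["safety"] >= THRESHOLD,
        "secure": scores["security"] >= THRESHOLD,
    }


def conflicts(state):
    """Measures in the state that enhance one property while undermining the other."""
    return sorted(m for m in state if MEASURES[m]["safety"] * MEASURES[m]["security"] < 0)


def acceptable_states():
    """All subsets of measures that are both safe and secure, smallest first."""
    names = sorted(MEASURES)
    found = []
    for k in range(len(names) + 1):
        for combo in combinations(names, k):
            result = evaluate(combo)
            if result["safe"] and result["secure"]:
                found.append(set(combo))
    return found


if __name__ == "__main__":
    query = {"remote_override", "link_encryption"}
    print(evaluate(query), "conflicting measures:", conflicts(query))
    print("acceptable states:", acceptable_states())
```

Adding `link_encryption` to an otherwise acceptable state drops it below the safety threshold, which is the kind of conflicting impact the framework is meant to surface.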