Safety and security are highly related concepts [1] [2] [3]. Both deal with the protection of valuable assets from harm, and both do this by avoiding, detecting, and responding to incidents that can cause such harm. In both cases, the dangers (hazards and threats respectively) that can cause or enable such incidents to occur are identified and the associated risks are analyzed in order to ensure that these risks are mitigated to acceptable levels. Safety engineering is typically concerned less with requirements than with its downstream activities (e.g., architecting, design, coding, testing) because much of hazard analysis is based on the existence of an architecture, the components of which can cause accidents if they fail. Yet one central safety engineering technique is to categorize the system requirements based on their safety significance and use this categorization to determine the associated level of development processes necessary to assure a corresponding acceptable level of safety risk. Based on the similarity between safety and security, this position paper advocates using a similar process to categorize the security significance of non-security requirements and use this information to ensure that an adequate development process is used to assure an acceptable level of security risk.
[1]
Christopher J. Alberts,et al.
Managing Information Security Risks: The OCTAVE Approach
,
2002
.
[2]
Donald Firesmith,et al.
Common Concepts Underlying Safety, Security, and Survivability Engineering
,
2003
.
[3]
Nancy G. Leveson.
Intent Specifications: An Approach to Building Human-Centered Specifications
,
2000,
IEEE Trans. Software Eng..
[4]
Peter G. Bishop,et al.
A Methodology for Safety Case Development
,
2000,
SSS.
[5]
James Reason,et al.
Human Error
,
1990
.
[6]
M. Angela Sasse,et al.
Safe and sound: a safety-critical approach to security
,
2001,
NSPW '01.
[7]
Donald Firesmith,et al.
Engineering Security Requirements
,
2003,
J. Object Technol..