论文信息 - Co-Engineering-in-the-Loop

Co-Engineering-in-the-Loop

System safety standards have been available for two decades. Remarkably, none of the functional safety standards gave detailed guidance on how to treat potential security risks; security was – if at all – only mentioned in a small remark. However, the way how systems are built has changed; today’s safety-critical systems are more and more integrated in networks and, thus, the old paradigm of isolated systems is not any more valid. It has been recognized that safety and security, and since recently also performance, need to be treated in combination: Co-engineering is required. After a short glance at the state of the art in co-engineering methods and in respective standardization, the paper describes the approach of co-engineering with interaction points taken in the ECSEL project AQUAS, which has been running since May 2017. The methodology is illustrated with first details on how the co-engineering approach for the concept phase is realized in the industrial drive use case provided by Siemens AG Austria.

[1] Eric Armengaud,et al. SAHARA: A security-aware hazard and risk analysis method , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[2] Robert J. Stroud,et al. Security-Informed Safety: If It's Not Secure, It's Not Safe , 2013, SERENE.

[3] Igor Nai Fovino,et al. Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[4] Anne Marsden,et al. International Organization for Standardization , 2014 .

[5] Lorenzo Strigini,et al. Diversity, Safety and Security in Embedded Systems: Modelling Adversary Effort and Supply Chain Risks , 2016, 2016 12th European Dependable Computing Conference (EDCC).

[6] Christoph Schmittner,et al. Limitation and Improvement of STPA-Sec for Safety and Security Co-analysis , 2016, SAFECOMP Workshops.

[7] Christoph Schmittner,et al. Security Application of Failure Mode and Effect Analysis (FMEA) , 2014, SAFECOMP.

[8] R. Bell,et al. IEC 61508: functional safety of electrical/electronic/ programme electronic safety-related systems: overview , 1999 .