Automating Safety and Security Co-Design through Semantically-Rich Architectural Patterns

During the design of safety-critical systems, safety and security engineers make use of architectural patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of a safety pattern has consequences for security, e.g., it may lead to new threats. The converse is also possible, i.e., the deployment of a security pattern may lead to new failures. Safety and security co-design is therefore required to understand such consequences and trade-offs and to reach appropriate system designs. Currently, pattern descriptions, including their consequences, are written in natural language. Their deployment in system design is therefore carried out manually, which is time-consuming and error-prone, especially given the high complexity of such systems. We propose the use of semantically-rich architectural patterns to enable automated support for safety and security co-design through Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architectural patterns can address given failures or threats, and of the consequences of deploying those patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.
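The abstract describes patterns whose consequences are machine-readable, so that a reasoner can recommend patterns for open failures or threats and then follow up on the new failures or threats those patterns introduce. The following Python snippet is an added illustration of that reasoning loop and is not the paper's domain-specific language or its answer-set programs: the `Pattern` class, the `KB` knowledge base, the hazard names (`failure:omission(controller)`, `threat:spoofing(heartbeat)`, and so on) and the pattern `AuthenticatedHeartbeat` are all constructed for the example. `recommend` performs greedy forward chaining to a fixpoint, while `designs` enumerates every closed design, which is the closest analogue here to an answer-set solver returning all answer sets so that trade-offs between alternatives become visible.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Pattern:
    """A pattern with machine-readable consequences (constructed stand-in
    for the paper's semantically-rich pattern descriptions)."""
    name: str
    addresses: frozenset   # failures/threats the pattern mitigates
    introduces: frozenset  # failures/threats its deployment brings in


# Constructed knowledge base: hazard names and consequences are illustrative,
# not taken from the paper or from ISO 21434.
KB = (
    Pattern("Watchdog",
            addresses=frozenset({"failure:omission(controller)"}),
            introduces=frozenset({"threat:spoofing(heartbeat)"})),
    Pattern("Firewall",
            addresses=frozenset({"threat:spoofing(heartbeat)",
                                 "threat:tampering(bus)"}),
            introduces=frozenset({"failure:latency(bus)"})),
    Pattern("Redundancy",
            addresses=frozenset({"failure:latency(bus)"}),
            introduces=frozenset()),
    Pattern("AuthenticatedHeartbeat",   # hypothetical alternative to Firewall
            addresses=frozenset({"threat:spoofing(heartbeat)"}),
            introduces=frozenset()),
)


def open_hazards(initial, deployed, kb):
    """Hazards still unaddressed: the initial ones plus the consequences of
    every deployed pattern, minus everything some deployed pattern addresses."""
    chosen = [p for p in kb if p.name in deployed]
    introduced = set().union(*(p.introduces for p in chosen))
    covered = set().union(*(p.addresses for p in chosen))
    return (set(initial) | introduced) - covered


def recommend(initial, kb=KB):
    """Greedy forward chaining: deploy the first pattern (in KB order) that
    addresses an open hazard, re-evaluate the consequences, and repeat until
    no applicable pattern remains. Returns (deployment order, residual hazards);
    a non-empty residual means a consequence nobody in the KB can address."""
    deployed = []
    while True:
        open_ = open_hazards(initial, deployed, kb)
        cand = next((p for p in kb
                     if p.name not in deployed and p.addresses & open_), None)
        if cand is None:
            return deployed, sorted(open_)
        deployed.append(cand.name)


def designs(initial, kb=KB):
    """Enumerate every closed design reachable by choosing any applicable
    pattern at each step (the analogue of a solver returning all answer sets).
    Returns a set of frozensets of pattern names with no residual hazards."""
    results = set()

    def walk(deployed):
        open_ = open_hazards(initial, deployed, kb)
        if not open_:
            results.add(frozenset(deployed))
            return
        for p in kb:
            if p.name not in deployed and p.addresses & open_:
                walk(deployed + [p.name])

    walk([])
    return results


if __name__ == "__main__":
    start = {"failure:omission(controller)"}
    print("greedy:", recommend(start))
    for d in designs(start):
        print("closed design:", sorted(d))
```

Starting from a single controller omission failure, the greedy run deploys Watchdog, then Firewall for the spoofing threat the Watchdog's heartbeat introduces, then Redundancy for the latency the Firewall introduces; the enumeration additionally surfaces the shorter design Watchdog plus AuthenticatedHeartbeat. Running `recommend` against a knowledge base without Redundancy leaves `failure:latency(bus)` in the residual set, which is exactly the kind of unaddressed consequence the abstract says manual deployment tends to miss.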
