Top

Published in:

2023 | OriginalPaper | Chapter

Analyzing Origins of Safety and Security Interactions Using Feared Events Trees and Multi-level Model

Authors : Megha Quamara, Christina Kolb, Brahim Hamid

Published in: Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Existing approaches to analyzing safety and security are often limited to a standalone viewpoint and lack a comprehensive mapping of the propagation of concerns, including unwanted (feared events like faults, failures, hazards, and attacks) and wanted ones (e.g., requirements, properties) and their interplay across different granular system representations. We take this problem to a novel combination of the Fault and Attack Trees (FATs) as Feared Events-Properties Trees (FEPTs) and propose an approach for analyzing safety and security interactions considering a multi-level model. The multi-level model facilitates identifying safety- and security-related feared events and associated properties across different system representation levels, viz. system, sub-system, information, and component. Likewise, FEPT allows modeling and analyzing the inter-dependencies between the feared events and properties and their propagation across these levels. We illustrate the use of this approach in a simple and realistic case of trajectory planning in an intersection point scenario regarding autonomous Connected-Driving Vehicles (CDVs) to address the potential interactions between safety and security.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Patterns for Integrating NIST 800-53 Controls into Security Assurance Cases

next chapter Utilising Redundancy to Enhance Security of Safety-Critical Systems

Barr, L.C., et al.: Preliminary risk assessment for small unmanned aircraft systems. In: 17th AIAA Aviation Technology, Integration, and Operations Conference, p. 3272 (2017)

Fockel, M., Schubert, D., Trentinaglia, R., Schulz, H., Kirmair, W.: Semi-automatic integrated safety and security analysis for automotive systems. In: Modelsward, pp. 147–154 (2022)

International, S.: Taxonomy and definitions for terms related to driving automation systems for on-road motor vehicles. SAE Int. 4970(724), 1–5 (2018)

Iso15288 (2015). https://www.iso.org/standard/63711.html. Accessed March 2023

Iso26262 (2018). https://www.iso.org/standard/68383.html. Accessed March 2023

Kolb, C., Nicoletti, S.M., Peppelman, M., Stoelinga, M.: Model-based safety and security co-analysis: a survey. ArXiv, abs/2106.06272 (2021)

Kriaa, S., Bouissou, M., Colin, F., Halgand, Y., Pietre-Cambacedes, L.: Safety and security interactions modeling using the BDMP formalism: case study of a pipeline. In: Bondavalli, A., Di Giandomenico, F. (eds.) SAFECOMP 2014. LNCS, vol. 8666, pp. 326–341. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10506-2_22CrossRef

Kumar, R., Stoelinga, M.: Quantitative security and safety analysis with attack-fault trees. In: 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE), pp. 25–32. IEEE (2017)

Maier, T.: FMEA and FTA to support safe design of embedded software in safety-critical systems. In: Shaw, R. (eds.) Safety and Reliability of Software Based Systems, pp. 351–367. Springer, London (1997). https://doi.org/10.1007/978-1-4471-0921-1_22

10.

Montanaro, U., et al.: Towards connected autonomous driving: review of use-cases. Veh. Syst. Dyn. 57(6), 779–814 (2019)CrossRef

11.

Nasa, N.: Systems engineering handbook. National Aeronautics and Space Administration (2007)

12.

Opdahl, A.L., Sindre, G.: Experimental comparison of attack trees and misuse cases for security threat identification. Inf. Softw. Technol. 51(5), 916–932 (2009)CrossRef

13.

Pek, C., Althoff, M.: Ensuring motion safety of autonomous vehicles through online fail-safe verification. In: Robotics: Science and Systems-Pioneers Workshop (2019)

14.

Petit, J., Shladover, S.E.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2014)

15.

Quamara, M., Pedroza, G., Hamid, B.: Multi-layered model-based design approach towards system safety and security co-engineering. In: 2021 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C), pp. 274–283. IEEE (2021)

16.

Quamara, M., Pedroza, G., Hamid, B.: Facilitating safety and security co-design and formal analysis in multi-layered system modeling. In: 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp. 1–8. IEEE (2022)

17.

Quamara, M., Pedroza, G., Hamid, B.: Formal analysis approach for multi-layered system safety and security co-engineering. In: Marrone, S., et al. (eds.) Dependable Computing – EDCC 2022 Workshops. EDCC 2022. CCIS, vol. 1656, pp. 18–31. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-16245-9_2

18.

Sabaliauskaite, G., Mathur, A.P.: Aligning cyber-physical system safety and security. In: Cardin, M.A., Krob, D., Lui, P., Tan, Y., Wood, K. (eds.) Complex Systems Design and Management Asia, pp. 41–53. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-12544-2_4

19.

Saej3061 (2021). https://www.sae.org/standards/content/j3061_202112/. Accessed March 2023

20.

Wilkinson, P., Kelly, T.: Functional hazard analysis for highly integrated aerospace systems. In: IEE Certification of Ground/Air Systems Seminar (Ref. No. 1998/255), pp. 4–1. IET (1998)

Title: Analyzing Origins of Safety and Security Interactions Using Feared Events Trees and Multi-level Model
Authors: Megha Quamara
Christina Kolb
Brahim Hamid
Publisher: Springer Nature Switzerland
Book: Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops
Print ISBN: 978-3-031-40952-3

Electronic ISBN: 978-3-031-40953-0

Copyright Year: 2023
DOI: https://doi.org/10.1007/978-3-031-40953-0_15

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner