Top

Published in:

2017 | Supplement | Chapter

Software Updates in Safety and Security Co-engineering

Authors : Imanol Mugarza, Jorge Parra, Eduardo Jacob

Published in: Computer Safety, Reliability, and Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The application of Industry 4.0 in automation systems leads to a higher interconnectivity among machines, devices, sensors, the cloud and humans. Nevertheless, this paradigm leaves open the possibility of new cyber-security threats and attacks against industrial control systems, even for those that perform safety-critical functions. Consequently, software updates are needed in order to fix the vulnerabilities and bugs discovered on these systems. This article presents a review of safety and security standards with respect to software updates. In addition to this, a roadmap of standards for the development of safe and secure systems is provided.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Combining Safety and Security Analysis for Industrial Collaborative Automation Systems

next chapter Detailed Analysis of Security Evaluation of Automotive Systems Based on JASO TP15002

Ebert, C., Jones, C.: Embedded software: facts, figures, and future. Computer 42(4), 0042–0052 (2009)CrossRef

Paul, S., Rioux, L.: Over 20 years of research in cybersecurity and safety engineering: a short bibliography. In: Conference: 6th International Conference on Safety and Security Engineering (SAFE) (2015). https://www.witpress.com/elibrary/wit-transactions-on-the-built-environment/151/33367

Paul, S.: On the meaning of security for safety (s4s). WIT Trans. Built Environ. 151, 379–389 (2015)CrossRef

International Atomic Energy Agency: IAEA Safety Glossary. International Atomic Energy Agency, Vienna (2008)

Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9, 49–51 (2011)CrossRef

Kaspersky Security Intelligence. Industrial cybersecurity threat landscape (2016). Accessed 19 Nov 2016

Tom, S., Christiansen, D., Berrett, D.: Recommended practice for patch management of control systems. DHS Control System Security Program (CSSP) Recommended, Practice (2008)

International Electrotechnical Commission and Others: Functional safety of electrical/electronic/programmable electronic safety related systems. IEC 61508 (2000)

ISO/DIS 26262 - Road vehicles - Functional safety. Technical report, Geneva, Switzerland, July 2009

10.

International Electrotechnical Commission and Others: IEC 62278: Railway applications-specification and demonstration of reliability, availability, maintainability and safety (rams). ed. Geneva, Switzerland: IEC Central Office, pp. 21–24 (2002)

11.

International Electrotechnical Commission and Others: IEC 62279, railway applications-software for railway control and protection systems. ed. Geneva, Switzerland: IEC Central Office, pp. 21–24 (2002)

12.

International Electrotechnical Commission and Others: IEC 62425: Railway applications - communication, signalling and processing systems - safety related electronic systems for signalling. ed. Geneva, Switzerland: IEC Central Office, pp. 21–24 (2002)

13.

IEC 61511 Functional Safety - Safety instrumented systems for the process industry sector. Technical report, International Electrotechnical Commission (2003)

14.

Disterer, G.: ISO/IEC 27000, 27001 and 27002 for information security management (2013)

15.

The Common Criteria Recognition Agreement Members. Common Criteria for Information Technology Security Evaluation, September 2006. http://www.commoncriteriaportal.org/

16.

International Electrotechnical Commission and Others: IEC 61784: Digital data communications for measurement and control. ed. Geneva, Switzerland: IEC Central Office, pp. 21–24 (2010)

17.

Paul, S., Rioux, L., Wiander, T., Vallée, F.: Recommendations for security and safety co-engineering (release n 2). ITEA2 MERgE project (2015)

18.

International Electrotechnical Commission and Others: IEC 62443: Industrial communication networks - network and system security. ed. Geneva, Switzerland: IEC Central Office (2010)

19.

International Electrotechnical Commission and Others: IEC 62443-2-3: Industrial communication networks - network and system security - patch management in the IACS environment. ed. Geneva, Switzerland: IEC Central Office (2010)

20.

SANS Institute: Common Criteria and Protection Profiles: How to Evaluate Information (2003)

21.

SANS Institute: The Common Criteria ISO/IEC 15408 - The Insight, Some Thoughts, Questions and Issues (2001)

22.

Melton, R., Fletcher, T., Earley, M.: System protection profile-industrial control systems. Version 1.0, National Institute of Standards and Technology (2004)

23.

Bock, H.-H., Braband, J., Milius, B., Schäbe, H.: Towards an IT security protection profile for safety-related communication in railway automation. In: Ortmeier, F., Daniel, P. (eds.) SAFECOMP 2012. LNCS, vol. 7612, pp. 137–148. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33678-2_12 CrossRef

24.

Bundesamt für Sicherheit in der Informationstechnik: Common criteria protection profile standard reader - smart card reader with pin-pad supporting eid based on extended access control," Bundesamt für Sicherheit in der Informationstechnik (2013)

25.

Smith, D.J., Simpson, K.G.: Handbook, Safety Critical Systems : A Straightfoward Guide To Functional Safety, IEC 61508 2010th edn. And Related Standards, Including Process IEC 61511 And Machinery IEC 62061 And ISO 13849. Elsevier (2010)

Title: Software Updates in Safety and Security Co-engineering
Authors: Imanol Mugarza
Jorge Parra
Eduardo Jacob
Publisher: Springer International Publishing
Book: Computer Safety, Reliability, and Security
Print ISBN: 978-3-319-66283-1

Electronic ISBN: 978-3-319-66284-8

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-66284-8_17

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner