nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Co-Engineering-in-the-Loop

verfasst von : Thomas Gruber, Christoph Schmittner, Martin Matschnig, Bernhard Fischer

Erschienen in: Computer Safety, Reliability, and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

System safety standards have been available for two decades. Remarkably, none of the functional safety standards gave detailed guidance on how to treat potential security risks; security was – if at all – only mentioned in a small remark. However, the way how systems are built has changed; today’s safety-critical systems are more and more integrated in networks and, thus, the old paradigm of isolated systems is not any more valid. It has been recognized that safety and security, and since recently also performance, need to be treated in combination: Co-engineering is required. After a short glance at the state of the art in co-engineering methods and in respective standardization, the paper describes the approach of co-engineering with interaction points taken in the ECSEL project AQUAS, which has been running since May 2017. The methodology is illustrated with first details on how the co-engineering approach for the concept phase is realized in the industrial drive use case provided by Siemens AG Austria.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Towards (Semi-)Automated Synthesis of Runtime Safety Models: A Safety-Oriented Design Approach for Service Architectures of Cooperative Autonomous Systems

Nächstes Kapitel STPA Guided Systems Engineering

IEC_61508-1_Ed.2.0: Functional safety of electrical/electronic/programmable electronic safety-related. Part 1-6 (2010)

BBC Report: Hack attack causes ‘massive damage’ at steel works, http://www.bbc.com/news/technology-30575104. Accessed May 2018

IEC 61800: Adjustable speed electrical power drive systems Part 1-7

ISO/IEC 15408-1:2009: Information technology – security techniques – evaluation criteria for IT security – Part 1: introduction and general model

ISO/IEC 27000:2018: Information technology - security techniques - information security management systems - overview and vocabulary

ISO - International Organization for Standardization. ISO 26262 Road vehicles Functional Safety Part 1-10 (2011)

Scandariato, R., Wuyts, K., Joosen, W., Microsoft Corporation: A descriptive study of Microsoft’s threat modeling technique. http://scholar.google.at/scholar_url?url=https://lirias.kuleuven.be/bitstream/123456789/424554/1/rej-stride.pdf&hl=de&sa=X&scisig=AAGBfm37KabrVfVeveavNgju0SLcmf351w&nossl=1&oi=scholarr. Accessed May 2018

Macher, G., Sporer, H., Armengaud, E., Kreiner, C.: SAHARA: a security-aware hazard and risk analysis method (2015)

The_MERgE_Project: D3.4.4: Recommendations for Security and Safety Co-engineering (2016). http://www.merge-project.eu/merge-deliverables

10.

Schmittner, C., Gruber, T., Puschner, P., Schoitsch, E.: Security application of failure mode and effect analysis (FMEA). In: Bondavalli, A., Di Giandomenico, F. (eds.) SAFECOMP 2014. LNCS, vol. 8666, pp. 310–325. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10506-2_21CrossRef

11.

IEC 60812: Analysis techniques for system reliability – procedure for failure mode and effects analysis (FMEA), 2nd edn. (2006)

12.

https://www.techrepublic.com/blog/it-security/the-cia-triad/. Accessed 26 May 2018

13.

SAE J3061: Cybersecurity guidebook for cyber-physical vehicle systems (2016)

14.

IEC/TS_62443-1-1: Industrial communication networks – network and system security – Part 1-1: terminology, concepts and models (2009)

15.

IEC_62443-2-1: Industrial communication networks – network and system security – Part 2-1: establishing an industrial automation and control system security program (2010)

16.

IEC_62443-3-1: Industrial communication networks – network and system security – Part 3-1: system security requirements and security levels, Draft

17.

IEC_62443-3-2: Industrial communication networks – network and system security – Part 3-2: security risk assessment and system design, Draft

18.

IEC_62443-3-3: Industrial communication networks – network and system security – Part 3-3: system security requirements and security levels (2013)

19.

IEC 62443-4-1: Security for industrial automation and control systems - Part 4-1: secure product development lifecycle requirements (2018)

20.

IEC 62443-4-2: Industrial communication networks - security for industrial automation and control systems - Part 4-2: technical security requirements for IACS components, Draft (2017)

21.

Industry 4.0 – Wikipedia. https://en.wikipedia.org/wiki/Industry_4.0

22.

Hackers trigger yet another power outage in Ukraine, ars TECHNICA. https://arstechnica.com/information-technology/2017/01/the-new-normal-yet-another-hacker-caused-power-outage-hits-ukraine/

23.

Schmittner, C., Ma, Z., Puschner, P.: Limitation and improvement of STPA-Sec for safety and security co-analysis. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9923, pp. 195–209. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45480-1_16CrossRef

24.

Fovino, I.N., Masera, M., De Cian, A.: Integrating cyber attacks within fault trees. Reliab. Eng. Syst. Saf. 94, 1394–1402 (2009)CrossRef

25.

The AMASS Project. https://www.amass-ecsel.eu/

26.

Gashi, I., Povyakalo, A., Strigini, L.: Diversity, safety and security in embedded systems: modelling adversary effort and supply chain risks. In: 12th European Dependable Computing Conference (EDCC), Gothenburg, pp. 13–24 (2016)

27.

The AQUAS Project. https://aquas-project.eu/

28.

The Arrowhead Project. http://www.arrowhead.eu/

29.

Bloomfield, R., Netkachova, K., Stroud, R.: Security-informed safety: if it’s not secure, it’s not safe. In: Gorbenko, A., Romanovsky, A., Kharchenko, V. (eds.) SERENE 2013. LNCS, vol. 8166, pp. 17–32. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40894-6_2CrossRef

Titel: Co-Engineering-in-the-Loop
verfasst von: Thomas Gruber
Christoph Schmittner
Martin Matschnig
Bernhard Fischer
Verlag: Springer International Publishing
Buch: Computer Safety, Reliability, and Security
Print ISBN: 978-3-319-99228-0

Electronic ISBN: 978-3-319-99229-7

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-99229-7_14

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"