The Integration of Safety and Security Requirements

This paper investigates safety and security requirements specification methods, and proposed techniques for the integration of contrasting methodologies. The nature of interaction between safety and security requirements, and problems relating to their independent development, are discussed. The requirements specifications of an Air Traffic Control system are used to highlight the problems inherent in the independent approach to requirements development. From investigation of the literature and the case study, we identify several areas that can cause problems when we attempt to harmonize safety and security requirements techniques. The most important of these are: different system models used for safety and security; different documentation structures for the analyses and their results; the interaction of safety and security requirements; isolation of safety and security requirements processes.