A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems

Lin Shen Liew; Giedre Sabaliauskaite; Nandha Kumar  Kandasamy; Choong-Yew William  Wong

doi:10.3390/telecom2040030

A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems

Lin Shen Liew
, Giedre Sabaliauskaite
, Nandha Kumar Kandasamy
, Choong-Yew William Wong

Research output: Contribution to journal › Article › peer-review

6 Citations (Scopus)

102 Downloads (Pure)

Abstract

Cyber-Physical Systems (CPSs) are getting increasingly complex and interconnected. Consequently, their inherent safety risks and security risks are so intertwined that the conventional analysis approaches which address them separately may be rendered inadequate. STPA (Systems-Theoretic Process Analysis) is a top-down hazard analysis technique that has been incorporated into several recently proposed integrated Safety and Security (S&S) analysis methods. This paper presents a novel methodology that leverages not only STPA, but also custom matrices to ensure a more comprehensive S&S analysis. The proposed methodology is demonstrated using a case study of particular commercial cloud-based monitoring and control system for residential energy storage systems.

Original language	English
Pages (from-to)	536-553
Number of pages	18
Journal	Telecom
Volume	2
Issue number	4
DOIs	https://doi.org/10.3390/telecom2040030
Publication status	Published - 9 Dec 2021

Bibliographical note

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Keywords

FMEA
STAMP
STPA
STRIDE
cyber-physical system
hazard analysis
matrix
safety analysis
security analysis

Access to Document

10.3390/telecom2040030Licence: CC BY

PublishedFinal published version, 949 KBLicence: CC BY

Cite this

@article{32b0daaccfe44ee0bb354bd38deacb49,

title = "A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems",

abstract = "Cyber-Physical Systems (CPSs) are getting increasingly complex and interconnected. Consequently, their inherent safety risks and security risks are so intertwined that the conventional analysis approaches which address them separately may be rendered inadequate. STPA (Systems-Theoretic Process Analysis) is a top-down hazard analysis technique that has been incorporated into several recently proposed integrated Safety and Security (S\&S) analysis methods. This paper presents a novel methodology that leverages not only STPA, but also custom matrices to ensure a more comprehensive S\&S analysis. The proposed methodology is demonstrated using a case study of particular commercial cloud-based monitoring and control system for residential energy storage systems.",

keywords = "FMEA, STAMP, STPA, STRIDE, cyber-physical system, hazard analysis, matrix, safety analysis, security analysis",

author = "Liew, \{Lin Shen\} and Giedre Sabaliauskaite and Kandasamy, \{Nandha Kumar\} and Wong, \{Choong-Yew William\}",

note = "This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.",

year = "2021",

month = dec,

day = "9",

doi = "10.3390/telecom2040030",

language = "English",

volume = "2",

pages = "536--553",

journal = "Telecom",

issn = "2673-4001",

publisher = "MDPI",

number = "4",

}

TY - JOUR

T1 - A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems

AU - Liew, Lin Shen

AU - Sabaliauskaite, Giedre

AU - Kandasamy, Nandha Kumar

AU - Wong, Choong-Yew William

N1 - This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PY - 2021/12/9

Y1 - 2021/12/9

N2 - Cyber-Physical Systems (CPSs) are getting increasingly complex and interconnected. Consequently, their inherent safety risks and security risks are so intertwined that the conventional analysis approaches which address them separately may be rendered inadequate. STPA (Systems-Theoretic Process Analysis) is a top-down hazard analysis technique that has been incorporated into several recently proposed integrated Safety and Security (S&S) analysis methods. This paper presents a novel methodology that leverages not only STPA, but also custom matrices to ensure a more comprehensive S&S analysis. The proposed methodology is demonstrated using a case study of particular commercial cloud-based monitoring and control system for residential energy storage systems.

AB - Cyber-Physical Systems (CPSs) are getting increasingly complex and interconnected. Consequently, their inherent safety risks and security risks are so intertwined that the conventional analysis approaches which address them separately may be rendered inadequate. STPA (Systems-Theoretic Process Analysis) is a top-down hazard analysis technique that has been incorporated into several recently proposed integrated Safety and Security (S&S) analysis methods. This paper presents a novel methodology that leverages not only STPA, but also custom matrices to ensure a more comprehensive S&S analysis. The proposed methodology is demonstrated using a case study of particular commercial cloud-based monitoring and control system for residential energy storage systems.

KW - FMEA

KW - STAMP

KW - STPA

KW - STRIDE

KW - cyber-physical system

KW - hazard analysis

KW - matrix

KW - safety analysis

KW - security analysis

UR - https://www.scopus.com/pages/publications/85145177702

U2 - 10.3390/telecom2040030

DO - 10.3390/telecom2040030

M3 - Article

SN - 2673-4001

VL - 2

SP - 536

EP - 553

JO - Telecom

JF - Telecom

IS - 4

ER -

A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this