Abstract
Safety and security are two key properties of Cyber-Physical Systems (CPS). Safety aims to protect the system from accidental failures in order to avoid hazards, while security focuses on protecting the system from intentional attacks. They share the same goal: protecting the CPS from failing. When aligned within a CPS, safety and security work well together and provide a solid foundation for an invincible CPS, while weak alignment may produce inefficient development and partially protected systems. The need for such alignment has been recognized by the research community, by industry, and by the International Society of Automation (ISA), which identified a need for alignment between the safety and security standards ISA84 (IEC 61511) and ISA99 (IEC 62443). We propose an approach for aligning CPS safety and security in early development phases by synchronizing the safety and security lifecycles defined by the ISA84 and ISA99 standards. The alignment is achieved by merging safety and security lifecycle phases and developing a unified model, the Failure-Attack-CounTermeasure (FACT) Graph. The FACT graph incorporates safety artefacts (fault trees and safety countermeasures) and security artefacts (attack trees and security countermeasures), and can be used during safety and security alignment analysis as well as in later CPS development and operation phases, such as verification, validation, monitoring, and periodic safety and security assessment.
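The abstract describes the FACT graph only in outline: a single structure that holds fault-tree and attack-tree leaves together with the countermeasures that address them. The example below is added here to make that idea concrete; it is not the authors' model or tooling, and its structure is an assumption. It treats the graph as AND/OR gates over leaves that are either accidental failures (fault-tree basic events) or attacker actions (attack-tree leaves), computes the minimal cut sets of a top-level hazard, labels each cut set as purely safety, purely security or mixed, and models a countermeasure as neutralising the leaves it covers. The tank-overpressure hazard, the leaf names and the countermeasure names are constructed for illustration.

```python
from dataclasses import dataclass, field
from itertools import product


@dataclass
class Node:
    """A FACT-style graph node: an AND/OR gate or a leaf (failure or attack)."""
    name: str
    gate: str = "LEAF"            # "AND", "OR" or "LEAF"
    kind: str = "failure"         # leaves only: "failure" (fault tree) or "attack" (attack tree)
    children: list = field(default_factory=list)


def minimise(sets):
    """Keep only minimal cut sets (drop any set that strictly contains another)."""
    return {s for s in sets if not any(o < s for o in sets)}


def cut_sets(node):
    """Minimal cut sets of a node: the smallest leaf combinations that trigger it."""
    if node.gate == "LEAF":
        return {frozenset([node.name])}
    child_sets = [cut_sets(c) for c in node.children]
    if node.gate == "OR":            # any one child suffices
        combined = set().union(*child_sets)
    elif node.gate == "AND":         # one cut set from every child must hold
        combined = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate type: {node.gate}")
    return minimise(combined)


def leaf_kinds(node, acc=None):
    """Map each leaf name to 'failure' or 'attack'."""
    acc = {} if acc is None else acc
    if node.gate == "LEAF":
        acc[node.name] = node.kind
    for child in node.children:
        leaf_kinds(child, acc)
    return acc


def classify(cut, kinds):
    """Label a cut set by the artefacts it draws on: safety, security or mixed."""
    present = {kinds[leaf] for leaf in cut}
    if present == {"failure"}:
        return "safety"
    if present == {"attack"}:
        return "security"
    return "mixed"


def residual_cut_sets(top, countermeasures, applied):
    """Cut sets still live after the applied countermeasures neutralise their leaves.

    A cut set needs all of its leaves, so neutralising any one of them defeats it.
    """
    covered = set().union(*(countermeasures[c] for c in applied))
    return {cut for cut in cut_sets(top) if not (cut & covered)}


def build_example():
    """Constructed toy graph (an assumption, not from the paper): a tank overpressure hazard."""
    top = Node("tank_overpressure", "OR", children=[
        Node("relief_and_reading", "AND", children=[
            Node("relief_valve_stuck"),                          # accidental failure
            Node("pressure_reading_wrong", "OR", children=[
                Node("sensor_drift"),                            # accidental failure
                Node("spoofed_sensor_reading", kind="attack"),   # attack-tree leaf
            ]),
        ]),
        Node("controller_logic_corrupted", kind="attack"),        # attack-tree leaf
    ])
    countermeasures = {
        "redundant_mechanical_relief": {"relief_valve_stuck"},         # safety countermeasure
        "signed_controller_firmware": {"controller_logic_corrupted"},  # security countermeasure
        "authenticated_sensor_link": {"spoofed_sensor_reading"},       # security countermeasure
    }
    return top, countermeasures


def analyse(top, countermeasures, applied):
    """Summarise which minimal cut sets survive a given set of countermeasures."""
    kinds = leaf_kinds(top)
    residual = residual_cut_sets(top, countermeasures, applied)
    return {
        "total": len(cut_sets(top)),
        "residual": sorted(sorted(cut) for cut in residual),
        "residual_kinds": sorted(classify(cut, kinds) for cut in residual),
    }


if __name__ == "__main__":
    top, cms = build_example()
    print(analyse(top, cms, applied=[]))
    print(analyse(top, cms, applied=["signed_controller_firmware"]))
    print(analyse(top, cms, applied=["signed_controller_firmware", "redundant_mechanical_relief"]))
```

The point the joint view makes visible is the mixed cut set: a stuck relief valve combined with a spoofed sensor reading is neither a pure safety scenario nor a pure security scenario, so a safety-only or security-only review would each see only part of it. Applying a safety countermeasure on the shared leaf (the relief valve) defeats both the accidental and the mixed cut set at once, which is the kind of cross-discipline trade-off the alignment analysis is meant to expose.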
Original language | English |
---|---|
Title of host publication | Complex Systems Design & Management Asia |
Subtitle of host publication | Designing Smart Cities: Proceedings of the First Asia - Pacific Conference on Complex Systems Design & Management, CSD&M Asia 2014 |
Editors | Michel-Alexandre Cardin, Daniel Krob, Pao Chuen Lui, Yang How Tan, Kristin Wood |
Publisher | Springer, Cham |
Pages | 41-53 |
Number of pages | 13 |
ISBN (Electronic) | 978-3-319-12544-2 |
ISBN (Print) | 978-3-319-12543-5 |
DOIs | |
Publication status | Published - 2015 |
Externally published | Yes |
Event | First Asia - Pacific Conference on Complex Systems Design & Management - Singapore, Singapore Duration: 10 Dec 2014 → 12 Dec 2014 http://www.2014.csdm-asia.net/ |
Conference
Conference | First Asia - Pacific Conference on Complex Systems Design & Management |
---|---|
Abbreviated title | CSD and M Asia 2014 |
Country/Territory | Singapore |
City | Singapore |
Period | 10/12/14 → 12/12/14 |
Internet address | http://www.2014.csdm-asia.net/ |
Keywords
- Cyber-physical systems
- CPS
- Safety
- Security
- Alignment
- ISA84
- IEC 61511
- ISA99
- IEC 62443
- Fault trees
- Attack trees