Abstract
Safety and security are two key properties of Cyber-Physical Systems (CPS). Safety aims to protect a system from accidental failures in order to avoid hazards, while security focuses on protecting the system from intentional attacks. They share the same goal: protecting the CPS from failing. When aligned within a CPS, safety and security work well together in providing a solid foundation for an invincible CPS, while weak alignment may produce inefficient development and partially protected systems. The need for such alignment has been recognized by the research community, by industry, and by the International Society of Automation (ISA), which identified a need for alignment between the safety and security standards ISA84 (IEC 61511) and ISA99 (IEC 62443). We propose an approach for aligning CPS safety and security at early development phases by synchronizing the safety and security lifecycles based on the ISA84 and ISA99 standards. The alignment is achieved by merging safety and security lifecycle phases and developing a unified model, the Failure-Attack-CounTermeasure (FACT) Graph. The FACT graph incorporates safety artefacts (fault trees and safety countermeasures) and security artefacts (attack trees and security countermeasures), and can be used during safety and security alignment analysis, as well as in later CPS development and operation phases, such as verification, validation, monitoring, and periodic safety and security assessment.
© 2015 Springer International Publishing Switzerland
Cite this paper
Sabaliauskaite, G., Mathur, A.P. (2015). Aligning Cyber-Physical System Safety and Security. In: Cardin, MA., Krob, D., Lui, P., Tan, Y., Wood, K. (eds) Complex Systems Design & Management Asia. Springer, Cham. https://doi.org/10.1007/978-3-319-12544-2_4
DOI: https://doi.org/10.1007/978-3-319-12544-2_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12543-5
Online ISBN: 978-3-319-12544-2
eBook Packages: Engineering (R0)