An architectural approach to the integration of safety and security requirements in smart products and systems design

Integrated design for tackling safety and security challenges of smart products and digital manufacturing

CIRP Annals

The Internet of Things (IoT) is the key facilitator for digital manufacturing (Industry 4.0, Cyber-physical Systems), as well as for smart, intelligent products, services and processes. In the IoT, increasingly many product and process functions become safety-critical and exposed to IT security attacks. This adds tremendous complexity to product and process design, which this paper shows by using the automotive sector as a particularly challenging example. The article proposes a new logic and method for tackling the major challenges of design for functional safety and IT security which is essentially based on reducing the design solutions' complexities by integration.

This is a very important and emerging area in design under 'design for security'. No changes.

Section 3 should also include latest research on cyber-secure industrial control systems. We extended Section 3 by one paragraph elaborating on the CPS and ICS and citing three of the still very few key references on the subject of the integration of cybersecurity and functional safety in the design of ICS (new references [5,6,7]). To make the transition to the automotive sector, we have added a statement explaining that, since industry is still the main driving force in the cybersecurity/safety integration, most relevant works can be found in sector-specific research and industry practice publications.

You need to discuss role of people, hardware and software in the security of ESCL. We interpret this as a supporting remark, since we indicate in several places that the key idea and objective of our research is to enable an integrated design view on cybersecurity and functional safety aspects. Integrated design is essentially about enabling human experts from several different fields to collaborate efficiently in the design process, which is exactly what we seek to facilitate by our method. Furthermore, in Table 1 we established a vehicular vocabulary leveraging the communication between cybersecurity and safety experts.

Also link between safety and cyber security is well presented. Good work. No changes.

The paper introduces a new logic to drive safety and security concerns in cyber-physical systems. The proposed method is applied on an industrial case. No changes.

The promised methodology is too shallow by far; New logic engineering methods for CPS. Deliberately, and due to the requirements we were having for this research, we have based our method and our related research methodology on two emerging industry standards. Therefore, it is true that what we propose is rather a novel method than a profound methodology. We also agree with the reviewer that this method represents a new logic of applying existing engineering methods for achieving integration in design. In order to take this explicitly into account, we have replaced the word "methodology" both in the abstract and the body of the text by "method" and/or "new logic of engineering methods".

Towards a Unified Security/Safety Framework - A Design Approach to Embedded System Applications

2007

This paper presents a safety and security-based approach to networked embedded system design that offers reusable design patterns for various domain-dedicated applications. After introducing proper terminology, it deals with industrial, sensor-based applications development support aiming at distributed components interconnected by wired Internet and/or wireless sensor networks. The paper presents a dependability-driven approach to embedded networks design for a class of Internet-based applications. It discusses an abstract framework stemming from embedded system networking technologies using wired and wireless LANs, and from the IEEE 1451.1 smart transducer interface standard supporting client-server and publish-subscribe communication patterns with group messaging based on IP multicast that mediate safe and secure access to smart sensors through Internet and Zigbee. The case study demonstrates how clients can access groups of wireless smart pressure and temperature sensors and saf...

A Systematic Approach for the definition of countermeasures in industrial IoT: An Automotive Case

2021

Inter-dependencies in critical industrial systems pose huge security challenges, which are tightly linked to the problems of interoperability and trustworthiness within and among those systems. In this paper, we try to establish the interconnection between these system properties in a way that allows the establishment of one property to positively affect and facilitate the establishment of the other. For that purpose, we design a methodology based on standardized and well-known models and frameworks, which are upgraded as needed and integrated into a single generic framework. Although this approach is meant to primarily help the security experts and the architects in their design practices, it also aims to facilitate the dialogue on important (cyber and physical) security issues among all relevant levels in an industrial IoT organization. The formal value and the practical applicability of the methodology are also demonstrated through a use case in the domain of road transportation ...

Design for Safety and Security of Complex Embedded Systems: A Unified Approach

NATO Science Series II: Mathematics, Physics and Chemistry, 2005

... device"), because of its potential criticality we need HW/SW co-design, and issues ... 7. CONCLUSIONS It has been demonstrated, that mass deployment of networked, dependable embedded systems ... A unified approach to address the safety AND security requirements of safety ...

Using Safety Case to Automotive and IoT Systems

Along with the growth of engineering and hardware, it is taken for granted that whatever device will contribute in the future. In the automobile industry, everything is expected to lead Automotives to provide advanced services such as automatic driving. In IoT society, as each lead is one or more systems, each quality characteristic is different, like safety. For this reason, there is a concern that troubles may occur due to differences in posture regarding safety. In order to avoid the problem, it is important to visualize the design quality of each other's system. It is necessary to obtain a common understanding among stakeholders. In this paper, as a method to visualize the design quality of the system, in order to prepare a description document of the automatic operation system using GSN, based on the assumption and evidence, to be able to objectively explain the validity of the design quality. Checking each other's system and after verification, it was shown that items should be described mutually among systems by providing items for measures against expected risks and threats in relationships between systems in the automatic operation system. When such a descriptor structure is shared between systems, a standardized common understanding can be obtained amongst stakeholders, and the quality required for products can be predicted. As a result, it is thought that problems caused by differences in corporate culture can be prevented.

An Overview of Safety and Security Analysis Frameworks for the Internet of Things

Electronics

The rapid progress of the Internet of Things (IoT) has continued to offer humanity numerous benefits, including many security and safety-critical applications. However, unlocking the full potential of IoT applications, especially in high-consequence domains, requires the assurance that IoT devices will not constitute risk hazards to the users or the environment. To design safe, secure, and reliable IoT systems, numerous frameworks have been proposed to analyse the safety and security, among other properties. This paper reviews some of the prominent classical and model-based system engineering (MBSE) approaches for IoT systems' safety and security analysis. The review established that most analysis frameworks are based on classical manual approaches, which independently evaluate the two properties. The manual frameworks tend to inherit the natural limitations of informal system modelling, such as human error, cumbersome processes, time consumption, and a lack of support for reusabi...

Towards Integrating Security in Industrial Engineering Design Practices

2021

During the past decades, and especially since the Stuxnet event, there has been a growing concern around the protection of critical infrastructures. Even though the protection of such systems and services has been an international security priority, still, even after all those years, relevant research either focuses on individual ICS systems security (PLC, RTU and SCADA network protection and attacks), or uses high-level models to perform risk assessments, mostly from a system-of-systems scope that studies interdependencies. From an engineering perspective, current approaches address system resilience from an efficiency perspective (i.e. focusing on the availability of physical processes) while neglecting the security dimension of their components. Still, the availability and reliability requirements of such systems are directly affected by security incidents. To our knowledge, there is currently no process to integrate security-by-design in industrial critical infrastructure engin...

Integrated safety and architecture modeling for automotive embedded systems

e & i Elektrotechnik und Informationstechnik, 2011

EAST-ADL is an architecture description language (ADL) for model-based development of automotive embedded systems. The formalization of domain-specific engineering information and methodology brings a potential for a wide range of benefits for information management, system design and integration, tool interaction, documentation and communication. This paper describes the EAST-ADL language support for safety requirements, faults/failures, hazards and safety constraints in the context of ISO/DIS 26262 reference safety lifecycle. Based on the language support, the safety related information can be derived and managed seamlessly along with its target nominal system architecture model with multiple abstraction levels and view extensions. Through model transformation and tool integration, automated safety analysis is allowed.

A Security Analysis Method for Industrial Internet of Things

IEEE Transactions on Industrial Informatics

The Industrial Internet of Things (IIoT) provides an opportunity for industries to build large interconnected systems that utilise various technologies such as personal computers, wireless devices, and sensor devices and bring together the cyber and the physical world. Such systems provide us with huge advantages, but they also introduce major security challenges at both the design and runtime stages. The literature argues for the need to introduce security-by-design methods, which enable security analysis and mitigation of security threats. This paper proposes a novel security-by-design method for IIoT environments across two different levels, design/modelling and runtime/simulation. Our method supports analysis of security requirements and identification of attack paths and their integration for the mitigation of potential vulnerabilities. We demonstrate its applicability through a real case study on a critical environment from the maritime sector, which demonstrates that our method helps to identify security mechanisms to mitigate attacks on critical assets.