An Assurance Framework for Independent Co-assurance of Safety and Security

Integrated safety and security assurance for complex systems is difficult for many technical and socio-technical reasons such as mismatched processes, inadequate information, differing use of language and philosophies, etc.. Many co-assurance techniques rely on disregarding some of these challenges in order to present a unified methodology. Even with this simplification, no methodology has been widely adopted primarily because this approach is unrealistic when met with the complexity of real-world system development. This paper presents an alternate approach by providing a Safety-Security Assurance Framework (SSAF) based on a core set of assurance principles. This is done so that safety and security can be co-assured independently, as opposed to unified co-assurance which has been shown to have significant drawbacks. This also allows for separate processes and expertise from practitioners in each domain. With this structure, the focus is shifted from simplified unification to integration through exchanging the correct information at the right time using synchronisation activities

Early aspects: aspect-oriented requirements engineering and architecture design

This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications

Enhancing the EAST-ADL error model with HiP-HOPS semantics

EAST-ADL is a domain-specific modelling language for the engineering of automotive embedded systems. The language has abstractions that enable engineers to capture a variety of information about design in the course of the lifecycle — from requirements to detailed design of hardware and software architectures. The specification of the EAST-ADL language includes an error model extension which documents language structures that allow potential failures of design elements to be specified locally. The effects of these failures are then later assessed in the context of the architecture design. To provide this type of useful assessment, a language and a specification are not enough; a compiler-like tool that can read and operate on a system specification together with its error model is needed. In this paper we integrate the error model of EAST-ADL with the precise semantics of HiP-HOPS — a state-of-the-art tool that enables dependability analysis and optimization of design models. We present the integration concept between EAST-ADL structure and HiP-HOPS error propagation logic and its transformation into the HiP-HOPS model. Source and destination models are represented using the corresponding XML formats. The connection of these two models at tool level enables practical EAST-ADL designs of embedded automotive systems to be analysed in terms of dependability, i.e. safety, reliability and availability. In addition, the information encoded in the error model can be re-used across different contexts of application with the associated benefits for cost reduction, simplification, and rationalisation of dependability assessments in complex engineering designs

Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things; where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research

Integrating security and usability into the requirements and design process

According to Ross Anderson, 'Many systems fail because their designers protect the wrong things or protect the right things in the wrong way'. Surveys also show that security incidents in industry are rising, which highlights the difficulty of designing good security. Some recent approaches have targeted security from the technological perspective, others from the human–computer interaction angle, offering better User Interfaces (UIs) for improved usability of security mechanisms. However, usability issues also extend beyond the user interface and should be considered during system requirements and design. In this paper, we describe Appropriate and Effective Guidance for Information Security (AEGIS), a methodology for the development of secure and usable systems. AEGIS defines a development process and a UML meta-model of the definition and the reasoning over the system's assets. AEGIS has been applied to case studies in the area of Grid computing and we report on one of these