Security-Informed Safety
Society relies on the safe functioning of computer-based networks and systems, whether in transportation, energy production, banking or medical devices. In some sectors, notably high-hazard ones, achieving and assuring safety is a relatively mature undertaking, although of course we must not be complacent [20,21]. The advent of cyber issues brings enormous challenges and changes to the traditional engineering tempo and approach. This is exacerbated by the increasing sophistication of attackers, the commoditisation of low-end attacks, the increasing vulnerabilities of digital systems and their connectivity, both designed and inadvertent. In our research and practice we have been considering the impact of cyber issues on safety-critical and safety-related computer systems. This article shares some of the issues and lessons learned.
Security-Informed Safety: Supporting Stakeholders with Codes of Practice
Codes of practice provide principles and guidance on how organizations can incorporate security considerations into their safety engineering lifecycle and become more security-minded.
Security-Informed Safety Case Approach to Analysing MILS Systems
Safety cases are the development foundation for safety-critical systems and are often quite complex to understand, depending on the size of the system and its operational conditions. The recent advent of security aspects complicates the issues further. This paper describes an approach to analysing safety and security in a structured way and creating security-informed safety cases that provide a justification of safety taking into particular consideration the impact of security. The paper includes an overview of the structured assurance case concept, a security-informed safety methodology and a layered approach to constructing cases. The approach is applied to a Security Gateway that is used to control data flow between security domains in a separation-kernel-based operating system in an avionics environment. We show that a clear and structured way of presenting a safety case combining safety and security facilitates understanding of the important interactions, taking their impact into account, and hence increases safety.
Assurance of open systems dependability: developing a framework for automotive security and safety
We describe how a security-informed analysis of the open systems dependability model of DEOS can be used to frame the problem of open systems and security. Together with an approach for analysing industry objectives based on claims, arguments and evidence (CAE), we develop a set of principles and rationale for the security and safety of road transport systems. The associated CAE will provide a generic template for a security-informed safety case and supports standardization activities for security-informed safety.
Security-informed safety: integrating security within the safety demonstration of a smart device
Safety and security engineering have, over the years, developed their own regulations, standards, cultures, and practices. However, there’s a growing realisation that security is closely connected to safety. Safety must be security-informed: if a safety-critical system isn’t secure, it isn’t safe. A safety demonstration is incomplete and unconvincing unless it considers security. In our work for government and industry, we have used the Claims, Arguments, Evidence (CAE) framework to analyse the impact of security on a safety justification or safety case and identified the significant changes needed to address security explicitly. This will impact the design and implementation process as well as the assurance and V&V approach.
In this paper we discuss the impact of integrating security when developing a safety demonstration of a smart device. A smart device is an instrument, device or component that contains a microprocessor (and therefore contains both hardware and software) and is programmed to provide specialised capabilities, often measuring or controlling a process variable. Examples of smart devices include radiation monitors, relays, turbine governors, uninterruptible power supplies and heating, ventilation, and air conditioning controllers.
Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1
This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance overview and issues, Resilience and Safety Requirements, Open Systems Perspective, and Formal Verification and Static Analysis of ML Systems. Part 2 addresses: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines.
Investigation into a Layered Approach to Architecting Security-Informed Safety Cases
The paper describes a layered approach to analysing safety and security in a structured way and creating a security-informed safety case. The approach is applied to a case study: a Security Gateway controlling data flow between two different security domains, implemented with a separation-kernel-based operating system in an avionics environment. We discuss some findings from the case study, show how the approach identifies and ameliorates important interactions between safety and security, and supports the development of complex assurance case structures.
Security-Informed Safety: If it's not secure, it's not safe
Traditionally, safety and security have been treated as separate disciplines, but this position is increasingly becoming untenable and stakeholders are beginning to argue that if it's not secure, it's not safe. In this paper we present some of the work we have been doing on "security-informed safety". Our approach is based on the use of structured safety cases, and we discuss the impact that security might have on an existing safety case. We also outline a method we have been developing for assessing the security risks associated with an existing safety system such as a large-scale critical infrastructure.
Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 2
This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance overview and issues, Resilience and Safety Requirements, Open Systems Perspective, and Formal Verification and Static Analysis of ML Systems. This report is Part 2 and discusses: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines.
The Manifestation of Street Safety and Security as Spatial (in)justice in Selected Small Rural Towns of Vhembe District, South Africa
Safe and secure street spaces for pedestrians translate to spatially just urban environments. This study examined pedestrians' safety and security elements in street spaces in three selected Small Rural Towns (SRTs) in South Africa and assessed users' physical perceptions of street safety and security in SRTs and their implications for spatial (in)justice. Forty-three street spaces from three SRTs in South Africa were purposively sampled and assessed in this study. The study adopted a mixed-method approach involving the use of a case study and a survey. Data were collected through key informant interviews, a questionnaire survey and a street space design quality checklist. The distribution of safety and security elements across the 43 studied street spaces reflects the concurrent existence of justices and injustices. Users' theoretical perception of the meaning of street safety differs significantly from their actual experiences. The study recommends that the design and management of streets be informed by users' vision of street safety and security, as well as innovative project financing strategies, to ensure spatial justice in street spaces.