Abstract
Many industrial sectors that manufacture safety-intensive systems (e.g., automotive, railway) now face the technical challenge of integrating and harmonizing critical safety issues with security issues for their systems. In this paper, we explore a new way of reconciling those issues in argument form, which we call Safe & Sec (Safety and Security) case patterns. They are derived from process patterns identified in our literature survey of research and standards. The Safe & Sec case patterns in this paper give practitioners a broad perspective and a baseline for building an assurance framework for their safety-intensive systems with a security focus.
© 2015 Springer International Publishing Switzerland
Taguchi, K., Souma, D., Nishihara, H. (2015). Safe & Sec Case Patterns. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9338. Springer, Cham. https://doi.org/10.1007/978-3-319-24249-1_3
DOI: https://doi.org/10.1007/978-3-319-24249-1_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24248-4
Online ISBN: 978-3-319-24249-1