A methodology for assuring the safety and security of critical infrastructure based on STPA and Event-B

  • Sassone V
  • Howard G
  • Colley J
  • et al.

Abstract

Cyber-physical systems represent a challenge to conventional security and safety analysis techniques due to their complexity and the need to consider both safety and security equally. It is also important that the requirements generated to mitigate safety and security risks are clear and adequately address the underlying issue. A methodology is presented in this paper to allow for integrated safety and security analysis of cyber-physical systems, particularly in a critical infrastructure context. This methodology uses a modified form of STPA, coupled with our concept of adversarial modelling, to identify security and safety hazards, which are then mitigated by the creation of critical requirements. These critical requirements are then validated through their application to an Event-B formal model, allowing their completeness to be verified. The output of the methodology is a set of critical requirements that guide iteration of and improvements to the system design to ensure its safety and security are maintained.

Citation (APA)

Sassone, V., Howard, G., Colley, J., & Butler, M. (2019). A methodology for assuring the safety and security of critical infrastructure based on STPA and Event-B. International Journal of Critical Computer-Based Systems, 9(1/2), 56. https://doi.org/10.1504/ijccbs.2019.10020048
