Abstract
This paper has two objectives: raising awareness about the existence, nature and impacts of safety-security interdependencies in complex systems, and promoting the idea that System Engineering tools and methodologies may help to master them. Firstly, we illustrate and categorize the different types of safety security interdependencies, before identifying their related stakes. Then, we highlight the links between safety and security ontologies, in theory and in practice.We also present some primary elements needed for a concrete application of System Engineering approaches on the safety-security issue. Finally, potential directions and future efforts needed to continue this research are discussed.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ANSSI France. EBIOS 2010: Expression des besoins et Identification des Objectifs de Sécurité (2010), http://www.ssi.gouv.fr/
Berson, A., Dubov, L.: Master data management and customer data integration for global enterprise. McGraw-Hill, Osborne (2007)
Derock, A., Hebrard, P., Vallée, F.: Convergence of the latest standards addressing safety and security for information technology. In: On-line proceedings of Embedded Real Time Software and Systems (ERTS2 2010), Toulouse, France (May 2010)
Eames, D.P., Moffett, J.: The Integration of Safety and Security Requirements. In: Felici, M., Kanoun, K., Pasquini, A. (eds.) SAFECOMP 1999. LNCS, vol. 1698, pp. 468–480. Springer, Heidelberg (1999)
Eurocontrol. Eurocontrol SAfety Regulatory Requirement. Eurocontrol Safety Regulation Commission (2001)
Deleuze, G.: Un cadre conceptuel pour la comparaison sûreté et sécurité de filières industrielles. In: Proceedings of the 2nd Interdisciplinary Workshop on Global Security (WISG 2008), Troyes, France (2008)
International Electrotechnical Commission (IEC). Nuclear power plants – instrumentation and control important to safety – requirements for computer security programmes. IEC Committee Draft 62645 (April 2010)
Jalouneix, J., Cousinou, P., Couturier, J., Winter, D.: Approche comparative entre sûreté et sécurité nucléaires. Technical Report 2009/117, Institut de Radioprotection et de Sûreté Nucléaire (IRSN) (April 2009)
Lautieri, S., Dobbing, B.: SafSec: Integration of Safety & Security Certification, SafSec Methodology: Standard (3.1) (November 2006)
Line, M.B., Nordland, O., Røstad, L., Tøndel, I.A.: Safety vs. security? In: Proceedings of the 8th International Conference on Probabilistic Safety Assessment and Management (PSAM 2006), Nouvelle-Orléans, États-Unis (May 2006)
Loshin, D.: Master data management. The MK/OMG Press (2009)
Nicol, D.M., Sanders, W.H., Trivedi, K.S.: Model-based evaluation: From dependability to security. IEEE Transactions on Dependable and Secure Computing 1(1), 48–65 (2004)
Falliere, N., Murchu, L.O., Chien, E.: W32. Stuxnet Dossier, version 1.4. Symantec reports (2011)
Nordland, O.: Making safe software secure. In: Proceedings of the 16th Safety-Critical Systems Symposium, Improvements in System Safety, SSS 2008, Bristol, UK, pp. 15–23 (February 2008)
Piètre-Cambacédès, L.: Des relations entre sûreté et sécurité. PhD thesis, Télécom ParisTech (2010) (in French)
Piètre-Cambacédès, L., Bouissou, M.: Attack and Defense Modeling with BDMP. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2010. LNCS, vol. 6258, pp. 86–101. Springer, Heidelberg (2010)
Piètre-Cambacédès, L., Chaudet, C.: The SEMA referential framework: avoiding ambiguities in the terms “security” and “safety”. International Journal of Critical Infrastructure Protection 3(2), 55–66 (2010)
Provadys: Top 10 Corporate Networks Security flaws (2009), http://www.checkmates.eu/
Régnier-Pécastaing, F., Gabassi, M., Finet, J.: MDM, enjeux et méthodes la gestion des données, Dunod (2008)
Schoitsch, E.: Design for safety and security of complex embedded systems: a unified approach. In: Proceedings of the NATO Advanced Research Workshop on Cyberspace Security and Defense: Research Issues, Gdansk, Poland, pp. 161–174 (September 2004)
Stoneburner, G.: Toward a unified security-safety model. IEEE Computer 39(8), 96–97 (2006)
Sun, M., Mohan, S., Sha, L., Gunter, C.: Addressing safety and security contradictions in cyber-physical systems. In: Proceedings of the 1st Workshop on Future Directions in Cyber-Physical Systems Security (CPSSW 2009), Newark, USA (July 2009)
U.S. Federal Aviation Administration (FAA). Safety and security extensions for Integrated Capability Maturity Models (September 2004)
Winther, R., Johnsen, O.-A., Gran, B.A.: Security Assessments of Safety Critical Systems Using HAZOPs. In: Voges, U. (ed.) SAFECOMP 2001. LNCS, vol. 2187, pp. 14–24. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Berlin Heidelberg
About this paper
Cite this paper
Sadvandi, S., Chapon, N., Piètre-Cambacédès, L. (2012). Safety and Security Interdependencies in Complex Systems and SoS: Challenges and Perspectives. In: Hammami, O., Krob, D., Voirin, JL. (eds) Complex Systems Design & Management. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25203-7_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-25203-7_16
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25202-0
Online ISBN: 978-3-642-25203-7
eBook Packages: EngineeringEngineering (R0)