Deriving and Formalising Safety and Security Requirements for Control Systems

Elena Troubitsyna; Inna Vistbakka

doi:10.1007/978-3-319-99130-6_8

Deriving and Formalising Safety and Security Requirements for Control Systems

Elena Troubitsyna, Inna Vistbakka

Information Technology

Research output: Chapter in Book/Conference proceeding › Conference contribution › Scientific › peer-review

11 Citations (Scopus)

Abstract

Safety-critical control systems become increasingly open and interconnected. However, there is still a lack of the techniques that enable an integrated analysis of safety and security requirements. In this paper, we propose an approach that allows the designers to derive and formalise safety and security requirements in a structured systematic way. To elicit both types of the requirements, we adapt and integrate traditional safety and security analysis techniques. To formally specify and verify them, we rely on Event-B framework. The framework allows us to develop a complex specification of system behaviour in presence of both accidental faults and security attacks and analyse mutual interdependencies between safety and security requirements.

Original language	Undefined/Unknown
Title of host publication	Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings
Editors	Barbara Gallina, Amund Skavhaug, Friedemann Bitsch
Publisher	Springer
Pages	107–122
ISBN (Electronic)	978-3-319-99130-6
ISBN (Print)	978-3-319-99129-0
DOIs	https://doi.org/10.1007/978-3-319-99130-6_8
Publication status	Published - 2018
MoE publication type	A4 Article in a conference publication
Event	International Conference on Computer Safety, Reliability, and Security, SAFECOMP - 37th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2018 Duration: 19 Sept 2018 → 21 Sept 2018

Conference

Conference	International Conference on Computer Safety, Reliability, and Security, SAFECOMP
Period	19/09/18 → 21/09/18

Keywords

Data flow
Event-B
Formal modelling
Refinement
Safety analysis
safety-critical systems

Access to Document

10.1007/978-3-319-99130-6_8

LARA: Learning and Assessing Risks for Enhancing Dependability of Autonomous Socio- Technical Systems
Troubitsyna, E. (Principal Investigator), Vistbakka, I. (Co-Investigator) & Majd, A. (Co-Investigator)
01/01/18 → 31/12/19
Project: Research Council of Finland/Other Research Councils

Cite this

Troubitsyna, E., & Vistbakka, I. (2018). Deriving and Formalising Safety and Security Requirements for Control Systems. In B. Gallina, A. Skavhaug, & F. Bitsch (Eds.), Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings (pp. 107–122). Springer. https://doi.org/10.1007/978-3-319-99130-6_8

@inproceedings{655bb76a6ae74f18a9bd152170321403,

title = "Deriving and Formalising Safety and Security Requirements for Control Systems",

abstract = "Safety-critical control systems become increasingly open and interconnected. However, there is still a lack of the techniques that enable an integrated analysis of safety and security requirements. In this paper, we propose an approach that allows the designers to derive and formalise safety and security requirements in a structured systematic way. To elicit both types of the requirements, we adapt and integrate traditional safety and security analysis techniques. To formally specify and verify them, we rely on Event-B framework. The framework allows us to develop a complex specification of system behaviour in presence of both accidental faults and security attacks and analyse mutual interdependencies between safety and security requirements.",

keywords = "Data flow, Event-B, Formal modelling, Refinement, Safety analysis, safety-critical systems, Data flow, Event-B, Formal modelling, Refinement, Safety analysis, safety-critical systems, Data flow, Event-B, Formal modelling, Refinement, Safety analysis, safety-critical systems",

author = "Elena Troubitsyna and Inna Vistbakka",

year = "2018",

doi = "10.1007/978-3-319-99130-6_8",

language = "Odefinierat/ok{\"a}nt",

isbn = "978-3-319-99129-0",

pages = "107–122",

editor = "Barbara Gallina and Amund Skavhaug and Friedemann Bitsch",

booktitle = "Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, V{\"a}ster{\aa}s, Sweden, September 19-21, 2018, Proceedings",

publisher = "Springer",

note = "International Conference on Computer Safety, Reliability, and Security, SAFECOMP ; Conference date: 19-09-2018 Through 21-09-2018",

}

Troubitsyna, E & Vistbakka, I 2018, Deriving and Formalising Safety and Security Requirements for Control Systems. in B Gallina, A Skavhaug & F Bitsch (eds), Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings. Springer, pp. 107–122, International Conference on Computer Safety, Reliability, and Security, SAFECOMP, 19/09/18. https://doi.org/10.1007/978-3-319-99130-6_8

Deriving and Formalising Safety and Security Requirements for Control Systems. / Troubitsyna, Elena; Vistbakka, Inna.
Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings. ed. / Barbara Gallina; Amund Skavhaug; Friedemann Bitsch. Springer, 2018. p. 107–122.

Research output: Chapter in Book/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Deriving and Formalising Safety and Security Requirements for Control Systems

AU - Troubitsyna, Elena

AU - Vistbakka, Inna

PY - 2018

Y1 - 2018

N2 - Safety-critical control systems become increasingly open and interconnected. However, there is still a lack of the techniques that enable an integrated analysis of safety and security requirements. In this paper, we propose an approach that allows the designers to derive and formalise safety and security requirements in a structured systematic way. To elicit both types of the requirements, we adapt and integrate traditional safety and security analysis techniques. To formally specify and verify them, we rely on Event-B framework. The framework allows us to develop a complex specification of system behaviour in presence of both accidental faults and security attacks and analyse mutual interdependencies between safety and security requirements.

AB - Safety-critical control systems become increasingly open and interconnected. However, there is still a lack of the techniques that enable an integrated analysis of safety and security requirements. In this paper, we propose an approach that allows the designers to derive and formalise safety and security requirements in a structured systematic way. To elicit both types of the requirements, we adapt and integrate traditional safety and security analysis techniques. To formally specify and verify them, we rely on Event-B framework. The framework allows us to develop a complex specification of system behaviour in presence of both accidental faults and security attacks and analyse mutual interdependencies between safety and security requirements.

KW - Data flow

KW - Event-B

KW - Formal modelling

KW - Refinement

KW - Safety analysis

KW - safety-critical systems

KW - Data flow

KW - Event-B

KW - Formal modelling

KW - Refinement

KW - Safety analysis

KW - safety-critical systems

KW - Data flow

KW - Event-B

KW - Formal modelling

KW - Refinement

KW - Safety analysis

KW - safety-critical systems

U2 - 10.1007/978-3-319-99130-6_8

DO - 10.1007/978-3-319-99130-6_8

M3 - Konferensbidrag

SN - 978-3-319-99129-0

SP - 107

EP - 122

BT - Computer Safety, Reliability, and Security 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings

A2 - Gallina, Barbara

A2 - Skavhaug, Amund

A2 - Bitsch, Friedemann

PB - Springer

T2 - International Conference on Computer Safety, Reliability, and Security, SAFECOMP

Y2 - 19 September 2018 through 21 September 2018

ER -

Deriving and Formalising Safety and Security Requirements for Control Systems

Abstract

Conference

Keywords

Access to Document

Projects

LARA: Learning and Assessing Risks for Enhancing Dependability of Autonomous Socio- Technical Systems

Cite this