Skip to main content
SpringerLink
Log in

Towards Safety and Security Co-engineering

Challenging Aspects for a Consistent Intertwining

  • Conference paper
  • First Online:
Security and Safety Interplay of Intelligent Software Systems (CSITS 2018, ISSA 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11552))

Abstract

The emergence of systems identified as both safety and security critical has motivated research and industry to search for novel approaches to conduct multi-concern engineering (co-engineering). But several aspects and issues have arisen during the process what has limited the advances. Among them, there are the specificities found in concepts, methods and development cycles, the current standalone practices of safety and security, and the lack of consolidated metrics for safety-security assessment. This paper presents synthetic discussions on referred topics along with some suggestions for solutions and perspectives.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. SAE International : ARP4754A - Guidelines for Development of Civil Aircraft and Systems. SAE International (2010). https://www.sae.org/standards/content/arp4754a/

  2. International Organization for Standardization: ISO 26262 - Road vehicles - Functional safety. ISO (2011). https://www.iso.org/standard/43464.html

  3. International Organization for Standardization: ISO 27005 - Information technology - Security techniques - Information security risk management. ISO (2018). https://www.iso.org/standard/75281.html

  4. Agence Nationale de la Sécurité des Systèmes d’Information: EBIOS - Expression des Besoins et Identification des Objectifs de Sécurité. ANSSI (2010). https://www.ssi.gouv.fr/guide/ebios-2010-expression-des-besoins-et-identification-des-objectifs-de-securite/

  5. European Organization for Civil Aviation Equipment: ED202 - Airworthiness Security Process Specification. EUROCAE (2014). https://eurocae.net/

  6. European Organization for Civil Aviation Equipment: ED203 - Airworthiness Security Methods and Considerations. EUROCAE (2018). https://eurocae.net/

  7. International Electrotechnical Commission: IEC 61508 - Functional safety of electrical/electronic/programmable electronic safety-related systems. IEC (2010). https://webstore.iec.ch/publication/22273

  8. Pedroza, G., Idrees, M.S., Apvrille, L., Roudier, Y.: A formal methodology applied to secure over-the-air automotive applications. In: Proceedings on Vehicular Technology Conference (VTC Fall), pp. 1–5. IEEE, San Francisco (2011)

    Google Scholar 

  9. Hamid, B., Gürgens, S., Fuchs, A.: Security patterns modeling and formalization for pattern-based development of secure software systems. J. Innov. Syst. Softw. Eng. 12(2), 109–140 (2016)

    Article  Google Scholar 

  10. Object Management Group: Unified Modeling Language Specification. OMG (2017). https://www.omg.org/spec/UML/About-UML/

  11. Object Management Group: System Modeling Language Specification. OMG (2017). https://www.omg.org/spec/SysML/About-SysML/

  12. Holm, H.: A large-scale study of the time required to compromise a computer system. In: IEEE Proceedings of Transactions on Dependable and Secure Computing, vol. 11, no. 1, pp. 2–15, January–February 2014

    Google Scholar 

  13. Fovino, I.N., Masera, M., De Cian, A.: Integrating cyber attacks within fault trees. Reliab. Eng. Syst. Saf. 94(9), 1394–1402 (2009). ScienceDirect, LNCS Elsevier

    Article  Google Scholar 

  14. Institut pour la Maîtrise des Risques: Experimentation of the new reliability prediction method FIDES. IMDR (2017). https://eeepitnl.tksc.jaxa.jp/mews/en/20th/data/1_10.pdf

  15. U.S. Senate-Committee on Commerce, Science, and Transportation: A “Kill Chain” Analysis of the 2013 Target Data Breach-March 26 2013. USA (2014). https://www.commerce.senate.gov/public/

  16. Object Management Group (2019). https://www.omg.org

  17. The Eclipse Foundation: Papyrus (2019). https://www.eclipse.org/papyrus/

Download references

Author information

Authors and Affiliations

  1. CEA, LIST, Point Courrier 174, 91191, Gif-sur-Yvette, France

    Gabriel Pedroza

Authors
  1. Gabriel Pedroza
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gabriel Pedroza .

Editor information

Editors and Affiliations

  1. University of Toulouse, Toulouse, France

    Brahim Hamid

  2. Mälardalen University, Västerås, Sweden

    Barbara Gallina

  3. Ben-Gurion University, Beer-Sheva, Israel

    Asaf Shabtai

  4. Ben-Gurion University, Beer-Sheva, Israel

    Yuval Elovici

  5. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Pedroza, G. (2019). Towards Safety and Security Co-engineering. In: Hamid, B., Gallina, B., Shabtai, A., Elovici, Y., Garcia-Alfaro, J. (eds) Security and Safety Interplay of Intelligent Software Systems. CSITS ISSA 2018 2018. Lecture Notes in Computer Science(), vol 11552. Springer, Cham. https://doi.org/10.1007/978-3-030-16874-2_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-16874-2_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-16873-5

  • Online ISBN: 978-3-030-16874-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation