Combined Approach for Safety and Security

  • Siddhartha Verma
  • Thomas Gruber
  • Christoph Schmittner
  • P. Puschner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11699)


With the evolution of Cyber-Physical Systems, the dependences and conflicts among dependability attributes (safety, security, reliability, availability, etc.) have become increasingly complex. These attributes cannot be considered in isolation; combined approaches for safety, security and the other attributes are therefore required. In this paper we present a matrix-based approach, inspired by the Analytic Network Process (ANP), for the combined risk assessment of safety and security. The approach allows a combined risk assessment that accounts for dependence and conflict among attributes. The assessment results for the individual dependability attributes (safety, security, etc.) are entered into the ANP matrix. We discuss Fault Tree Analysis (FTA), Stochastic Colored Petri Net (SCPN) analysis, Attack Tree Analysis (ATA) and Failure Mode, Vulnerability and Effect Analysis (FMVEA) as methods for evaluating the attributes concerned and achieving the goal of combined assessment.
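A worked illustration of the ANP machinery the abstract refers to, added here and not taken from the paper: local priority vectors derived from pairwise judgements together with Saaty's consistency ratio, a column-stochastic supermatrix in which the safety and security columns depend on each other, and the global priorities obtained by powering that matrix until its columns agree. The element names (safety, security, random_fault, tampering), the judgement values and every supermatrix entry are constructed for this example; the paper's own matrix, attribute set and numbers are not reproduced.

```python
"""ANP-style aggregation of interdependent dependability attributes.

Constructed illustration for this page, not the paper's matrix, data or
tooling. It shows the generic Analytic Network Process mechanics the
abstract refers to: pairwise judgements -> local priority vector (with
Saaty's consistency check) -> column-stochastic supermatrix with feedback
between attributes -> limit priorities. Element names and numbers are
made up for the example.
"""

# Saaty's random consistency index by matrix size; CR <= 0.10 is the
# customary threshold for accepting a set of pairwise judgements.
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32}


def priority_vector(pairwise, iterations=500):
    """Return (priorities, consistency_ratio) for a reciprocal comparison matrix.

    Power method for the principal eigenvector, normalised to sum to 1.
    Because sum(v) == 1 at every step, sum(A v) estimates lambda_max.
    """
    n = len(pairwise)
    v = [1.0 / n] * n
    lam = float(n)
    for _ in range(iterations):
        av = [sum(pairwise[i][j] * v[j] for j in range(n)) for i in range(n)]
        lam = sum(av)
        v = [x / lam for x in av]
    ci = (lam - n) / (n - 1) if n > 2 else 0.0
    ri = RANDOM_INDEX.get(n, 0.0)
    return v, (ci / ri if ri else 0.0)


ELEMENTS = ["safety", "security", "random_fault", "tampering"]

# Constructed local priorities. Column j says how strongly each row element
# influences element j; every column sums to 1. The non-zero safety/security
# entries encode the dependence between the two attributes, the lower-left
# block which risk sources drive each attribute, and the upper-right block
# which attributes each source affects.
SUPERMATRIX = [
    # safety  security  random_fault  tampering   <- "with respect to"
    [0.0,     0.1,      0.7,          0.4],       # safety
    [0.2,     0.0,      0.3,          0.6],       # security
    [0.5,     0.3,      0.0,          0.0],       # random_fault
    [0.3,     0.6,      0.0,          0.0],       # tampering
]


def matmul(a, b):
    n = len(a)
    return [[sum(a[i][k] * b[k][j] for k in range(n)) for j in range(n)]
            for i in range(n)]


def is_column_stochastic(m, tol=1e-9):
    """Non-negative entries and every column summing to 1."""
    n = len(m)
    if any(x < 0 for row in m for x in row):
        return False
    return all(abs(sum(m[i][j] for i in range(n)) - 1.0) < tol for j in range(n))


def limit_priorities(supermatrix, names, tol=1e-12, max_power=10_000):
    """Raise the supermatrix to successive powers until all columns agree.

    For a primitive (irreducible and aperiodic) column-stochastic matrix the
    powers converge to a rank-one matrix whose identical columns are the
    global priorities. Raises if the input is not stochastic or the power
    sequence does not settle (e.g. a purely bipartite, cyclic structure).
    """
    if not is_column_stochastic(supermatrix):
        raise ValueError("columns must be non-negative and sum to 1")
    n = len(supermatrix)
    power = supermatrix
    for _ in range(max_power):
        power = matmul(power, supermatrix)
        spread = max(abs(power[i][j] - power[i][0])
                     for i in range(n) for j in range(n))
        if spread < tol:
            return {names[i]: power[i][0] for i in range(n)}
    raise RuntimeError("supermatrix powers did not converge")


if __name__ == "__main__":
    # Step 1 (constructed Saaty-scale judgements about the influences on
    # safety): random_fault counts 3x tampering and 5x security, tampering
    # counts 3x security. The supermatrix column above uses rounded
    # constructed values rather than this exact vector.
    judgements = [[1, 3, 5], [1 / 3, 1, 3], [1 / 5, 1 / 3, 1]]
    local, cr = priority_vector(judgements)
    print("local priorities w.r.t. safety (random_fault, tampering, security):",
          [round(x, 3) for x in local], "CR =", round(cr, 3))
    # Steps 2-3: global priorities from the constructed supermatrix.
    for name, value in limit_priorities(SUPERMATRIX, ELEMENTS).items():
        print(f"{name:>13}: {value:.3f}")
```

The two checks worth keeping in any real assessment are the consistency ratio on every set of pairwise judgements (a CR well above 0.10 means the judgements contradict each other and the resulting column is not trustworthy) and the stochasticity and convergence checks on the supermatrix; a supermatrix with no feedback between attributes is bipartite, its powers oscillate, and the limit does not exist, which is exactly why the cross-attribute dependence the abstract stresses has to be modelled rather than dropped.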


Keywords: FTA · FTDMP · SCPN · ATA · FMVEA · ANP · Safety · Security · Combined risk assessment



The work published here has received funding from the AQUAS project, under grant agreement No. 737475. The project is co-funded by grants from Austria, the Czech Republic, Germany, Italy, France, Spain, the UK, and ECSEL JU.



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Austrian Institute of Technology, Vienna, Austria
  2. Vienna University of Technology, Institute of Computer Engineering, Vienna, Austria
