Safety Architecture Pattern System with Security Aspects

  • Christopher PreschernEmail author
  • Nermin Kajtazovic
  • Christian Kreiner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10600)


This article builds a structured pattern system with safety patterns from literature and presents the safety patterns. The patterns are analyzed regarding their basic safety-related design decisions (safety tactics) and relationships between the patterns are structurally developed based on these safety tactics. To analyze security aspects, the STRIDE security analysis is used to list relevant threats for the patterns. The threats and the safety tactics are represented in Goal Structuring Notation diagrams as part of the patterns to enable security and safety reasoning.


Architecture patterns Safety Security Goal structuring notation STRIDE analysis 

Supplementary material


  1. Antonino, P.O., Keuler, T., Antonino, P.: Towards an approach to represent safety patterns. In: The Seventh International Conference on Software Engineering Advances (ICSEA), pp. 228–237 (2012)Google Scholar
  2. Armoush, A.: Design patterns for safety-critical embedded systems. Ph.D. thesis. RWTH Aachen University (2010)Google Scholar
  3. Avizienis, A., et al.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secure Comput. 1, 1 (2004)CrossRefGoogle Scholar
  4. Babar, M.A.: Improving the reuse of pattern-based knowledge in software architecting. In: EuroPLoP, Lero, Ireland, pp. 7–11 (2007)Google Scholar
  5. Bachmann, F., Bass, L., Klein, M.: Deriving architectural tactics: a step toward methodical architectural design. Techncial report, March, Carnegie Mellon Software Engineering Institute (2003)Google Scholar
  6. Buckley, I., Fernandez, E.B., Larrondo-Petrie, M.M.: Patterns combining reliability and security. In: The Third International Conferences on Pervasive Patterns and Applications, PATTERNS 2011 (2011)Google Scholar
  7. Buschmann, F., et al.: Pattern-Oriented Software Architecture: A System of Patterns. Wiley, Hoboken (1996)Google Scholar
  8. Cockram, T.J., Lautieri, S.R.: Combining security and safety principle in practice. In: 2nd Institution of Engineering and Technology International Conference on System Safety, pp. 159–164. IEEE (2007)Google Scholar
  9. Committee on National Security Systems: National Information Assurance Glossary. CNSS Instruction No. 4009 (2010)Google Scholar
  10. Daniels, F., Kim, K., Vouk, M.A.: The reliable hybrid pattern a generalized software fault tolerant design pattern. In: European Conference on Pattern Language of Programs (EuroPLoP), pp. 1–9 (1997)Google Scholar
  11. Dasarathy, B.: Cyber security definitions and academic landscape. In: NPSMA Workshop (2013)Google Scholar
  12. Douglass, B.P.: Safety-critical systems design. Electron. Eng. 70, 862 (1998)Google Scholar
  13. Douglass, B.P.: Real-Time Design Patterns: Robust Scalable Architecture for Real-Time Systems. Pearson, London (2002)Google Scholar
  14. Douglass, B.P.: Design Patterns for Embedded Systems in C. Elsevier, Amsterdam (2010)Google Scholar
  15. Douglass, B.P.: Software design architecture patterns for embedded systems, chap. In: Software Engineering for Embedded Systems. Elsevier (2013)Google Scholar
  16. Gawand, H., Mundada, R.S., Swaminathan, P.: Design patterns to implement safety and fault tolerance. Int. J. Comput. Appl. 18(2), 6–13 (2011)Google Scholar
  17. Grunske, L.: Transformational patterns for the improvement of safety properties in architectural specification. In: Proceedings of The Second Nordic Conference on Pattern Languages of Programs (VikingPLoP) (2003)Google Scholar
  18. GSN Working Group: GSN Community Standard Version 1 (2011).
  19. Halkidis, S.T., Chatzigeorgiou, A., Stephanides, G.: A qualitative evaluation of security patterns. In: Lopez, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 132–144. Springer, Heidelberg (2004). Scholar
  20. Halkidis, S., Chatzigeorgiou, A., Stephanides, G.: A qualitative analysis of software security patterns. Comput. Secur. 25(5), 379–392 (2006a)Google Scholar
  21. Halkidis, S.T., Chatzigeorgiou, A., Stephanides, G.: Quantitative evaluation of systems with security patterns using a fuzzy approach. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006. LNCS, vol. 4277, pp. 554–564. Springer, Heidelberg (2006b).
  22. Halkidis, S., Tsantalis, N., et al.: Architectural risk analysis of software systems based on security patterns. IEEE Trans. Dependable Secure Comput. 5(3), 129–142 (2008)CrossRefGoogle Scholar
  23. Hamid, B., Desnos, N., et al.: Model-based security and dependability patterns in RCES - the TERESA approach. In: Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems - S&D4RCES 2010. ACM Press (2010)Google Scholar
  24. Hamid, B., Geisel, J., Ziani, A., Bruel, J.-M., Perez, J.: Model-driven engineering for trusted embedded systems based on security and dependability patterns. In: Khendek, F., Toeroe, M., Gherbi, A., Reed, R. (eds.) SDL 2013. LNCS, vol. 7916, pp. 72–90. Springer, Heidelberg (2013). Scholar
  25. Hampton, P.: Survey of safety architectural patterns. In: Dale, C., Anderson, T. (eds.) Achieving Systems Safety, pp. 137–158. Springer, London (2012). Scholar
  26. Hanmer, R.S.: Patterns for Fault Tolerant Software. Wiley, Hoboken (2007)Google Scholar
  27. Hansen, K.: Security attack analysis of safety systems. In: IEEE Conference on Emerging Technologies and Factory Automation, pp. 1–4, September 2009Google Scholar
  28. Harrison, N.B., Avgeriou, P.: Incorporating fault tolerance tactics in software architecture patterns. In: Proceedings of the 2008 RISE/EFTS Joint International Workshop on Software Engineering for Resilient Systems - SERENE 2008. ACM Press (2008)Google Scholar
  29. Howard, M., LeBlanc, D.: Writing Secure Code. Microsoft Press (2003)Google Scholar
  30. Howard, M., Lipner, S.: The Security Development Lifecycle. Microsoft Press (2006)Google Scholar
  31. International Electrotechnical Commission: IEC 61508, Functional Safety of Electrical/ Electronic/ Programmable Electronic Safety Related Systems (2010)Google Scholar
  32. Johnson, C., Yepez, A.: Cyber security threats to safety-critical space-based infrastructures. In: Proceedings of the Fifth Conference of the International Association for the Advancement of Space Safety, no. 1 (2011a)Google Scholar
  33. Johnson, C., Yepez, A.: Mapping the impact of security threats on safety-critical global navigation satellite systems. In: Proceedings of the 29th International Systems Safety Society, no. 1. International Systems Safety Society (2011b)Google Scholar
  34. Kelly, T., Weaver, R.: The goal structuring notation, a safety argument notation. In: Proceedings of the Dependable Systems and Networks Conference (2004)Google Scholar
  35. Kumar, K., Prabhakar, T.V.: Design decision topology model for pattern relationship analysis. In: 1st Asian Conference on Pattern Languages of Programs (AsianPLoP 2010) (2010a)Google Scholar
  36. Kumar, K., Prabhakar, T.V.: Pattern-oriented knowledge model for architecture design. In: 17th Conference on Pattern Languages of Programs (PLoP) (2010b)Google Scholar
  37. Leveson, N.G.: Engineering a Safer World. MIT Press, Cambridge (2012)CrossRefGoogle Scholar
  38. Nai-Fovino, I., Masera, M., De-Cian, A.: Integrating cyber attacks within fault trees. Reliab. Eng. Syst. Saf. 94(9), 1394–1402 (2009)CrossRefGoogle Scholar
  39. Olivera, A.R.: Taim: a safety pattern repository. B.Sc. thesis. Federal University of Rio Grande do sul (2012)Google Scholar
  40. Preschern, C., Kajtazovic, N., Kreiner, C.: Built-in security enhancements for the 1oo2 safety architecture. In: International Conference on Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), pp. 103–108. IEEE (2012a)Google Scholar
  41. Preschern, C., Kajtazovic, N., Kreiner, C.: Catalog of security tactics linked to common criteria requirements. In: 19th Conference on Pattern Languages of Programs (PLoP) (2012b)Google Scholar
  42. Preschern, C., Kajtazovic, N., Kreiner, C.: Applying and evaluating architectural IEC 61508 safety patterns. In: 5th International Conference on Software Technology and Engineering (ICSTE) (2013a)Google Scholar
  43. Preschern, C., Kajtazovic, N., Kreiner, C.: Building a safety architecture pattern system. In: 18th European Conference on Pattern Languages of Programs (EuroPLoP) (2013b)Google Scholar
  44. Preschern, C., Kajtazovic, N., Kreiner, C.: Catalog of safety tactics in the light of the IEC 61508 safety lifecycle. In: VikingPLoP (2013c)Google Scholar
  45. Preschern, C., Kajtazovic, N., Kreiner, C.: Security analysis of safety patterns. In: 20th Conference on Pattern Languages of Programs (PLoP) (2013d)Google Scholar
  46. Pullum, L.: Software Fault Tolerance Techniques and Implementation. Artech House, Norwood (2001)zbMATHGoogle Scholar
  47. Rauhamäki, J., Kuikka, S.: Patterns for control system safety. In: 18th European Conference on Pattern Languages of Programs (VikingPLoP) (2013)Google Scholar
  48. Rauhamäki, J., Vepsäläinen, T., Kuikka, S.: Architectural patterns for functional safety. In: Nordic Conference on Pattern Languages of Programs (VikingPLoP) (2012)Google Scholar
  49. Rauhamäki, J., Vepsäläinen, T., Kuikka, S.: Patterns for safety and control system cooperation. In: Nordic Conference on Pattern Languages of Programs (VikingPLoP) (2013)Google Scholar
  50. Ryoo, J., Laplante, P., Kazman, R.: A methodology for mining security tactics from security patterns. In: 2010 43rd Hawaii International Conference on System Sciences, pp. 1–5. IEEE (2010)Google Scholar
  51. Saridakis, T.: A system of patterns for fault tolerance. In: EuroPLoP (2002)Google Scholar
  52. Sarma, U.V.R., Rampelli, S., Premchand, P.: A catalog of architectural design patterns for safety-critical real-time systems. Int. J. Eng. Res. Appl. 3(1), 125–131 (2013)Google Scholar
  53. Schaad, A., Borozdin, M.: TAM2: automated threat analysis. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1103–1108. ACM (2012)Google Scholar
  54. Schaad, A., Garaga, A.: Automating architectural security analysis. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, pp. 131–132. ACM (2012)Google Scholar
  55. Schumacher, M.: Security Engineering with Patterns. LNCS, vol. 2754. Springer, Heidelberg (2003). Scholar
  56. Spriggs, J.: GSN—The Goal Structuring Notation: A Structured Approach to Presenting Arguments. Springer, London (2012). Scholar
  57. Steiner, M., Liggesmeyer, P.: Combination of safety and security analysis - finding security problems that threaten the safety of a system. In: Workshop on Dependable Embedded and Cyberphysical Systems - Held at the 32nd International Conference on Computer Safety, Reliability and Security (2013).
  58. Ugljesa, E., Wacker, H.: Modeling security aspects in safety environment. In: 7th International Conference on Electrical and Electronics Engineering, pp. 46–50 (2011)Google Scholar
  59. Wu, W.: Safety tactics for software architecture design. MA thesis. The University of York (2003)Google Scholar
  60. Wu, W.: Architectural reasoning for safety-critical software applications. Ph.D. thesis. University of York (2007)Google Scholar
  61. Yampolskiy, M., et al.: Systematic analysis of cyber-attacks on CPS-evaluating applicability of DFD-based approach. In: 5th International Symposium on Resilient Control Systems, pp. 55–62. IEEE, August 2012Google Scholar
  62. Yautsiukhin, A., Scandariato, R.: Towards a quantitative assessment of security in software architectures. In: 13th Nordic Workshop on Secure IT Systems (NordSec) (2008)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Christopher Preschern
    • 1
    Email author
  • Nermin Kajtazovic
    • 1
  • Christian Kreiner
    • 1
  1. 1.Institute for Technical InformaticsGraz University of TechnologyGrazAustria

Personalised recommendations