Abstract
Resilience is a generic property of dependable systems that is achieved through adequate architecture features, such as redundancy or fail-safe behavior. Dependability of a system, however, embraces more: the protection of particular assets and the defense against specific threats, such as unauthorized access to confidential information. The system is analyzed using a sophisticated risk management methodology. For each identified threat, essential mitigation measures (controls) are defined and implemented to reduce the residual risk of that threat to an acceptable level. This chapter introduces a methodology and a number of illustrative principles for building dependable systems.
© 2019 Springer Fachmedien Wiesbaden GmbH, part of Springer Nature
About this chapter
Cite this chapter
Furrer, F.J. (2019). Architecture Principles for Dependability. In: Future-Proof Software-Systems. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-19938-8_14
DOI: https://doi.org/10.1007/978-3-658-19938-8_14
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-19937-1
Online ISBN: 978-3-658-19938-8
eBook Packages: Computer Science and Engineering (German Language)