
Architecture Principles for Dependability

Chapter in: Future-Proof Software-Systems

Abstract

Resilience is a generic property of dependable systems; it is achieved by architecture features such as redundancy or fail-safe behavior. Dependability, however, embraces more: the protection of particular assets and the defense against specific threats, such as unauthorized access to confidential information. The system is analyzed with a structured risk management methodology. For each threat identified, mitigation measures (controls) are defined and implemented so that the residual risk of that threat is reduced to an acceptable level. This chapter introduces such a methodology and a number of illustrative principles for building dependable systems.
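The loop the abstract describes (identify a threat, assign controls, compare the residual risk with an acceptance level, and revisit what is still too high) can be made concrete as a small risk register. The following is an added example for this page, not code or a scoring scheme from the chapter: the 1..5 ordinal scales for likelihood and impact, the multiplicative way controls reduce them, the control effectiveness values and the sample threats are all assumptions chosen for illustration.

```python
"""Constructed risk register for the threat -> control -> residual-risk loop.

Scales, reduction factors and sample threats are assumptions for this example,
not values from the chapter.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Control:
    """A mitigation measure. Reductions are the fraction of likelihood or
    impact it removes (0.0 = no effect, 1.0 = eliminates it)."""
    name: str
    likelihood_reduction: float = 0.0
    impact_reduction: float = 0.0

    def __post_init__(self) -> None:
        for v in (self.likelihood_reduction, self.impact_reduction):
            if not 0.0 <= v <= 1.0:
                raise ValueError(f"{self.name}: reduction {v} outside [0, 1]")


@dataclass
class Threat:
    """A threat against a named asset, scored on assumed 1..5 ordinal scales."""
    name: str
    asset: str
    likelihood: int   # 1 = rare .. 5 = almost certain
    impact: int       # 1 = negligible .. 5 = catastrophic
    controls: List[Control] = field(default_factory=list)

    def __post_init__(self) -> None:
        for label, v in (("likelihood", self.likelihood), ("impact", self.impact)):
            if not 1 <= v <= 5:
                raise ValueError(f"{self.name}: {label} {v} outside 1..5")

    def inherent_risk(self) -> float:
        """Risk before any control is applied."""
        return float(self.likelihood * self.impact)

    def residual_risk(self) -> float:
        """Risk after all controls. Each control scales what the previous
        ones left, so two 50 % reductions give 25 % remaining, not 0 %."""
        lik, imp = float(self.likelihood), float(self.impact)
        for c in self.controls:
            lik *= 1.0 - c.likelihood_reduction
            imp *= 1.0 - c.impact_reduction
        return lik * imp


# Controls used in the sample register (effectiveness values are assumed).
MFA = Control("multi-factor authentication", likelihood_reduction=0.8)
ENCRYPT_AT_REST = Control("encryption at rest", impact_reduction=0.6)
HOT_STANDBY = Control("redundant hot-standby node", impact_reduction=0.5)
FAIL_SAFE_STOP = Control("fail-safe shutdown on sensor disagreement",
                         impact_reduction=0.7)


def build_register() -> List[Threat]:
    """Constructed sample register; not taken from the chapter."""
    return [
        Threat("unauthorized access to confidential records", "customer database",
               likelihood=4, impact=5, controls=[MFA, ENCRYPT_AT_REST]),
        Threat("single node failure", "control server",
               likelihood=3, impact=4, controls=[HOT_STANDBY]),
        Threat("sensor fault drives actuator out of range", "actuator loop",
               likelihood=2, impact=5, controls=[FAIL_SAFE_STOP]),
        Threat("insider exfiltration", "customer database",
               likelihood=2, impact=4),   # no control defined yet
    ]


def risk_report(threats: List[Threat]) -> Dict[str, Tuple[float, float]]:
    """Map threat name -> (inherent risk, residual risk)."""
    return {t.name: (t.inherent_risk(), t.residual_risk()) for t in threats}


def unacceptable(threats: List[Threat], acceptable: float) -> List[str]:
    """Threats whose residual risk still exceeds the acceptance level and
    therefore need further controls or an explicit, documented risk acceptance."""
    return [t.name for t in threats if t.residual_risk() > acceptable]


if __name__ == "__main__":
    register = build_register()
    for name, (inherent, residual) in risk_report(register).items():
        print(f"{name:50s} inherent {inherent:5.1f}  residual {residual:5.2f}")
    print("still above acceptance level 4.0:", unacceptable(register, 4.0))
```

The output of such a register is only as trustworthy as the effectiveness values fed into it: a control's reduction factor is a claim that has to be validated (for example, by testing the fail-safe path or reviewing the authentication logs), and the register must be re-run whenever a control is weakened or a new threat is identified, otherwise the "acceptable" verdict silently goes stale.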



Author information

Corresponding author: Frank J. Furrer


Copyright information

© 2019 Springer Fachmedien Wiesbaden GmbH, part of Springer Nature

About this chapter


Cite this chapter

Furrer, F.J. (2019). Architecture Principles for Dependability. In: Future-Proof Software-Systems. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-19938-8_14
