Bloomfield, R. E., Netkachova, K. & Stroud, R. (2013). Security-Informed Safety: If it's not secure, it's not safe. Paper presented at the 5th International Workshop on Software Engineering for Resilient Systems (SERENE 2013), 03rd - 04th October 2013, Kiev, Ukraine.
Download (539kB) | Preview
Traditionally, safety and security have been treated as separate disciplines, but this position is increasingly becoming untenable and stakeholders are beginning to argue that if it’s not secure, it’s not safe. In this paper we present some of the work we have been doing on “security-informed safety”. Our approach is based on the use of structured safety cases and we discuss the impact that security might have on an existing safety case. We also outline a method we have been developing for assessing the security risks associated with an existing safety system such as a large-scale critical infrastructure.
|Item Type:||Conference or Workshop Item (Paper)|
|Additional Information:||The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-40894-6_2|
|Uncontrolled Keywords:||Security-Informed Safety, assurance cases, risk assessment|
|Subjects:||Q Science > QA Mathematics > QA76 Computer software|
|Divisions:||School of Informatics > Centre for Software Reliability|
Actions (login required)
Downloads per month over past year