City Research Online

Security-informed safety: integrating security within the safety demonstration of a smart device

Bloomfield, R. E., Guerra, A. S. L., Butler, E. & Netkachova, K. (2017). Security-informed safety: integrating security within the safety demonstration of a smart device. In: 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies. 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, 11-15 Jun 2017, San Francisco, USA.

Abstract

Safety and security engineering have, over the years, developed their own regulations, standards, cultures, and practices. However, there’s a growing realisation that security is closely connected to safety. Safety must be security-informed: if a safety-critical system isn’t secure, it isn’t safe. A safety demonstration is incomplete and unconvincing unless it considers security. In our work for government and industry, we have used the Claims, Arguments, Evidence (CAE) framework to analyse the impact of security on a safety justification or safety case and identified the significant changes needed to address security explicitly. This will impact the design and implementation process as well as the assurance and V&V approach.

In this paper we discuss the impact of integrating security when developing a safety demonstration of a smart device. A smart device is an instrument, device or component that contains a microprocessor (and therefore contains both hardware and software) and is programmed to provide specialised capabilities, often measuring or controlling a process variable. Examples of smart devices include radiation monitors, relays, turbine governors, uninterruptible power supplies and heating ventilation, and air conditioning controllers.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: Copyright 2017 by the American Nuclear Society, La Grange Park, Illinois.
Publisher Keywords: Smart (embedded) devices, safety assessment, security-informed safety, cyber
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Science & Technology > Computer Science
[thumbnail of pp9v01n_npic_cyber_smarts.pdf]
Preview
Text - Accepted Version
Download (638kB) | Preview

Export

Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login