Security-Informed Safety: If it's not secure, it's not safe
Bloomfield, R. E., Netkachova, K. & Stroud, R. (2013). Security-Informed Safety: If it's not secure, it's not safe. Paper presented at the 5th International Workshop on Software Engineering for Resilient Systems (SERENE 2013), 03rd - 04th October 2013, Kiev, Ukraine.
Abstract
Traditionally, safety and security have been treated as separate disciplines, but this position is increasingly becoming untenable and stakeholders are beginning to argue that if it’s not secure, it’s not safe. In this paper we present some of the work we have been doing on “security-informed safety”. Our approach is based on the use of structured safety cases and we discuss the impact that security might have on an existing safety case. We also outline a method we have been developing for assessing the security risks associated with an existing safety system such as a large-scale critical infrastructure.
| Publication Type: | Conference or Workshop Item (Paper) |
|---|---|
| Additional Information: | The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-40894-6_2 |
| Publisher Keywords: | Security-Informed Safety, assurance cases, risk assessment |
| Subjects: | Q Science > QA Mathematics > QA76 Computer software |
| Departments: | School of Science & Technology > Computer Science > Software Reliability |
| Related URLs: |
Metadata
MetadataActions (login required)
Admin Login