Title
STPA-SafeSec: Safety and security analysis for cyber-physical systems.
Abstract
Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today's critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.
Year
2017
DOI
10.1016/j.jisa.2016.05.008
Venue
Journal of Information Security and Applications
Keywords
Smart grid, Synchronous islanded generation, STPA, CPS, Safety, Cyber security
Field
Hazard and operability study, System safety, Smart grid, Computer science, Computer security, Security service, Security analysis, Cyber-physical system, Information and Communications Technology, Vulnerability
DocType
Journal
Volume
34
ISSN
2214-2126
Citations
19
PageRank
1.06
References
9
Authors
5
Name
Order
Citations
PageRank
Ivo Friedberg1402.75
Kieran McLaughlin220822.19
Paul Smith39410.97
David M. Laverty4416.55
Sakir Sezer5101084.22