On Computer-Aided Techniques for Supporting Safety and Security Co-Engineering

Vivek Nigam, Antonaneta Kondeva, Carmen Carlan and Harald Ruess


With increasing system interconnectivity, cyber-attacks on safety-critical systems can lead to catastrophic events. This calls for a better integration of safety and security. Indeed, a safety assessment contains security-relevant information, such as key safety hazards, that shall not be triggered by cyber-attacks. Guidelines such as SAE J3061 and ED202A already recommend exchanging information gathered by safety and security engineers during different phases of development. However, these guidelines do not specify exactly how and which information shall be exchanged. We propose a methodology for enabling computer-aided techniques for extracting security-relevant information from safety analysis. In particular, we propose techniques for automatically constructing Attack Trees from safety artefacts such as fault trees, hazard analysis and safety patterns. Lastly, we illustrate these techniques on an Industry 4.0 application.
