STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems

Ivo Friedberg, Kieran McLaughlin, Paul Smith, David Laverty, Sakir Sezer

Research output: Contribution to journalSpecial issuepeer-review

178 Citations (Scopus)
997 Downloads (Pure)

Abstract

Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.
Original languageEnglish
Number of pages16
JournalJournal of Information Security and Applications
Early online date30 Jun 2016
DOIs
Publication statusEarly online date - 30 Jun 2016

Access to Document

  • STPA-SafeSec: Safety and security analysis for cyber-physical systems

    © 2016 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium, provided the author and source are cited.

    Final published version, 1.91 MBLicence: CC BY

    Fingerprint

    Dive into the research topics of 'STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems'. Together they form a unique fingerprint.
    View full fingerprint
    • 178 Citations
    • 2 Conference contribution
    • 1 Chapter (peer-reviewed)

    • Towards a Resilience Metric Framework for Cyber-Physical Systems

      Friedberg, I., McLaughlin, K., Smith, P. & Wurzenberger, M., 25 Aug 2016, 4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR 2016). BCS Learning & Development Ltd, p. 19-22 4 p.

      Research output: Chapter in Book/Report/Conference proceedingConference contribution

      Open Access
      File
      5334 Downloads (Pure)

    • A Cyber-Physical Security Analysis of Synchronous-Islanded Microgrid Operation

      Friedberg, I., Laverty, D., McLaughlin, K. & Smith, P., 17 Sept 2015, Proceedings of the 3rd International Symposium for ICS & SCADA Cyber Security Research 2015. BCS Learning & Development Ltd, p. 52-62 11 p.

      Research output: Chapter in Book/Report/Conference proceedingConference contribution

      Open Access
      File
      745 Downloads (Pure)

    • Towards a Cyber-physical Resilience Framework for Smart Grids

      Friedberg, I., McLaughlin, K. & Smith, P., Jun 2015, Intelligent Mechanisms for Network Configuration and Security: 9th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2015, Ghent, Belgium, June 22-25, 2015. Proceedings. Latre, S., Charalambrides, M., Francois, J., Schmitt, C. & Stiller, B. (eds.). Springer, p. 140-144 5 p. (Lecture Notes in Computer Science; vol. 9122).

      Research output: Chapter in Book/Report/Conference proceedingChapter (peer-reviewed)peer-review

      Open Access
      File
      3 Citations (Scopus)
      498 Downloads (Pure)

    Cite this