by Max Steiner, Peter Liggesmeyer
Abstract:
In most cases in a safety analysis the influences of security problems are omitted or even forgotten. Because more and more systems are accessible from outside the system via maintenance interfaces, this missing security analysis is becoming a problem. This is why we propose an approach on how to extend the safety analysis by security aspects. Such a more comprehensive analysis should lead to systems that react in less catastrophic ways to attacks.
Reference:
M. Steiner, P. Liggesmeyer, "Combination of Safety and Security Analysis - Finding Security Problems That Threaten The Safety of a System", in SAFECOMP 2013 - Workshop DECS (ERCIM/EWICS Workshop on Dependable Embedded and Cyber-physical Systems) of the 32nd International Conference on Computer Safety, Reliability and Security, M. ROY, Ed..
Bibtex Entry:
@INPROCEEDINGS{Steiner2013,
author = {Max Steiner and Peter Liggesmeyer},
title = {Combination of Safety and Security Analysis - Finding Security Problems That Threaten The Safety of a System},
booktitle = {SAFECOMP 2013 - Workshop DECS (ERCIM/EWICS Workshop on Dependable Embedded and Cyber-physical Systems) of the 32nd International Conference on Computer Safety, Reliability and Security},
year = {2013},
editor = {Matthieu ROY},
abstract = {In most cases in a safety analysis the influences of security problems are omitted or even forgotten. Because more and more systems are accessible from outside the system via maintenance interfaces, this missing security analysis is becoming a problem. This is why we propose an approach on how to extend the safety analysis by security aspects. Such a more comprehensive analysis should lead to systems that react in less catastrophic ways to attacks.},
keywords = {Safety, Embedded systems, safety analysis, security analysis, quantitative combined analysis, component fault trees, attack trees},
url = {http://hal.archives-ouvertes.fr/hal-00848604}
}