Abstract
Increasing digitalization and autonomous solutions in physical systems promise to enhance their performance, cost-efficiency and reliability. However, the integration of novel information technologies with safety-related systems also brings new vulnerabilities and risks that challenge the traditional field of safety analysis. Particularly, cyber security threats are becoming key factors in complex accident scenarios in cyber-physical systems (CPSs), where unintentional errors and design flaws overlap with cyber security vulnerabilities that could lead to harm to humans and assets. This overlap between safety and security analysis is still a loosely defined domain without established theories and methods, leading to complications during the risk analysis of CPSs. In this paper, we first describe how the domain of safety science increasingly overlaps with security analysis. Subsequently, based on this overlapping, we illustrate and complement an integrated method for the identification of harm scenarios in CPSs. This method, coined Uncontrolled Flows of Information and Energy (UFoI-E), offers a distinct theoretical foundation rooted in accident causation models and a framework to design diagrammatic representations of CPSs during the analysis. After summarizing these features of the UFoI-E method, we present our original contribution to the method, which is a new practical toolkit for risk identification composed of an ontology of harm scenarios and a database of checklists built from lessons learned analysis and expert knowledge. Finally, we demonstrate an application of the method in an illustrative case and show representative fields for future work.
Highlights
Significant incentives are leading to the integration of novel digital technologies in the architectures of physical systems, enabling better performance, cost efficiency, energy efficiency, and other attractive benefits
Subse quently, based on this overlapping, we illustrate and complement an integrated method for the identification of harm scenarios in cyber-physical systems (CPSs). This method, coined Uncontrolled Flows of Information and Energy (UFoI-E), offers a distinct theoretical foundation rooted in accident causation models and a framework to design diagrammatic representations of CPSs during the analysis. After summarizing these features of the uncontrolled flows of information (UFoI)-E method, we present our original contribution to the method, which is a new practical toolkit for risk identification composed of an ontology of harm scenarios and a database of checklists built from lessons learned analysis and expert knowl edge
By having introduced the Cyber-Physical Harm Analysis for Safety and Security (CyPHASS) harm scenario builder, we can state that the theoretical part of the UFoI-E method has been complemented by the missing operational tool
Summary
Significant incentives are leading to the integration of novel digital technologies in the architectures of physical systems, enabling better performance, cost efficiency, energy efficiency, and other attractive benefits. We have adopted the definition that CPSs are “engi neered systems that integrate information technologies, real-time con trol subsystems, physical components and human operators to influence physical processes by means of cooperative and (semi)automated con trol functions” (Carreras Guzman et al, 2020). In this view, the key features of CPSs are the intersection between:.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
