Abstract
The security and safety of cyber-physical systems (CPSs) often influence each other. Ensuring that this does not have negative implications might require a large and rigorous effort during the development of CPS. However, early in the life-cycle, quick feedback can be valuable helping security and safety engineers to understand how seemingly trivial design choices in their domain may have unacceptable implications in the other. We propose the cyber risk assessment framework (CRAF) for this purpose. The CRAF is based on openly available and widely used taxonomies from the safety and security domains, and a unique mapping of where loss of data security may impact aspects of data with safety implications. This letter represents the first time these different elements have been brought together into a single framework with an associated process. Through examples from within our organizations we show how this framework can be put to good use.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
