Abstract
Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today's critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.
Highlights
Today's critical infrastructures, e.g., the power grid or water distribution networks, are cyber-physical systems (CPS): physical processes and components are connected over information and communication technologies (ICT), which are critical for correct system operation.
STPA-SafeSec provides a single approach to identify the safety and security constraints that the system must ensure in order to operate loss free. This single approach allows the interdependencies between safety and security constraints to be detected and used in mitigation strategies; (ii) the most critical system components can be prioritized for in-depth security analysis; (iii) the results from the analysis show the potential system losses that can be caused by a specific security or safety vulnerability in the system; and (iv) mitigation strategies can be more readily designed and their effectiveness evaluated — changes in the physical process can be used to mitigate cyber-attacks, while control algorithms can mitigate safety limitations of the physical processes or devices.
To control these operational states, an increased integration of power systems with ICT communication is needed. This integration motivates new approaches to analyze systems with respect to safety and security. We have presented such a novel approach — STPA-SafeSec — that unifies and extends the System Theoretic Process Analysis (STPA) technique for safety analysis and STPA-Sec for security analysis.
Summary
Today's critical infrastructures, e.g., the power grid or water distribution networks, are cyber-physical systems (CPS): physical processes and components are connected over information and communication technologies (ICT), which are critical for correct system operation. STPA-SafeSec provides a number of benefits over existing work: (i) it provides a single approach to identify the safety and security constraints that the system must ensure in order to operate loss free; this single approach allows the interdependencies between safety and security constraints to be detected and used in mitigation strategies; (ii) the most critical system components can be prioritized for in-depth security analysis (e.g., penetration testing); (iii) the results from the analysis show the potential system losses that can be caused by a specific security or safety vulnerability in the system; and (iv) mitigation strategies can be more readily designed and their effectiveness evaluated — changes in the physical process can be used to mitigate cyber-attacks, while control algorithms can mitigate safety limitations of the physical processes or devices.