Abstract
Systems, including AI and IoT systems, have complex relationships with one another. To build a system that society, including the people and organizations in it, can use safely and securely, risks must be analyzed from various perspectives, and object modeling is desirable for such multi-viewpoint risk analysis.
An accident model based on systems theory, STAMP, and its hazard analysis method, STPA, have attracted attention recently. The basis of this theory is the Control Structure diagram (CS), which captures the entire system. The authors use the CS as a structural diagram that captures the requirements of the whole system, including humans and society, and clarify the relationships between its elements by reference to the software life cycle process standard and the system life cycle process standard. We therefore propose to describe the specifications hierarchically for each software, system, service, and stakeholder, and to standardize them for the social layer. To model a complex system hierarchically, we propose modeling the STAMP control structure diagram in five layers according to the life cycle of software and system requirements. In addition, we present a case study of safety and security analysis based on this model, considering the case of Level 3 autonomous driving.
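As an added illustration, not code from the paper, the following Python sketch models a five-layer control structure for a constructed Level 3 automated-driving case and runs two STPA-style consistency checks over it (control actions lacking feedback, and components not controlled from their own layer or above). The layer names, the components, the signals and the layering rule are assumptions for the example, not the paper's own.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Layer(IntEnum):
    # Layer names assumed from the abstract's enumeration, not the paper's own
    SOFTWARE, SYSTEM, SERVICE, STAKEHOLDER, SOCIAL = range(5)


@dataclass
class ControlStructure:
    layer_of: dict[str, Layer]
    control_actions: list[tuple[str, str, str]] = field(default_factory=list)  # (controller, controlled, action)
    feedback: list[tuple[str, str, str]] = field(default_factory=list)  # (source, destination, signal)

    def findings(self) -> list[str]:
        out: list[str] = []
        fb = {(src, dst) for src, dst, _ in self.feedback}
        # 1. A control action with no return path leaves the controller's process
        #    model unverifiable, a classic STPA causal factor.
        for ctrl, proc, action in self.control_actions:
            if (proc, ctrl) not in fb:
                out.append(f"no feedback from {proc} to {ctrl} for '{action}'")
        # 2. Assumed layering rule: every component below the top layer must be
        #    controlled by at least one component at or above its own layer.
        top = max(self.layer_of.values())
        for comp, layer in self.layer_of.items():
            if layer < top and not any(
                    p == comp and self.layer_of[c] >= layer
                    for c, p, _ in self.control_actions):
                out.append(f"{comp} ({layer.name}) has no controller at or above its layer")
        return out


def level3_driving_example() -> ControlStructure:
    """Constructed Level 3 automated-driving case, not the paper's case study."""
    cs = ControlStructure(layer_of={
        "Regulator": Layer.SOCIAL, "OEM": Layer.STAKEHOLDER, "Driver": Layer.STAKEHOLDER,
        "Vehicle": Layer.SYSTEM, "ADS": Layer.SOFTWARE})
    cs.control_actions += [
        ("Regulator", "OEM", "type approval requirements"),
        ("OEM", "ADS", "software update within ODD limits"),
        ("Driver", "Vehicle", "engage/disengage automation"),
        ("ADS", "Vehicle", "steering and braking commands"),
        ("ADS", "Driver", "take-over request")]  # no driver acknowledgement modelled
    cs.feedback += [
        ("OEM", "Regulator", "conformity report"), ("ADS", "OEM", "field telemetry"),
        ("Vehicle", "Driver", "HMI status"), ("Vehicle", "ADS", "sensor data")]
    return cs
```

Running `level3_driving_example().findings()` reports the unacknowledged take-over request and the fact that the driver's fallback duties are assigned by no higher-layer controller, which is the kind of gap the layered diagram is meant to expose.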
Copyright information
© 2020 Springer Nature Switzerland AG
Cite this paper
Kaneko, T., Yoshioka, N. (2020). STAMP S&S: Layered Modeling for the Complexed System in the Society of AI/IoT. In: Virvou, M., Nakagawa, H., C. Jain, L. (eds) Knowledge-Based Software Engineering: 2020. JCKBSE 2020. Learning and Analytics in Intelligent Systems, vol 19. Springer, Cham. https://doi.org/10.1007/978-3-030-53949-8_11
DOI: https://doi.org/10.1007/978-3-030-53949-8_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-53948-1
Online ISBN: 978-3-030-53949-8
eBook Packages: Computer Science (R0)