Abstract
For many safety-critical systems, implementing modern cybersecurity protection mechanisms is hindered by legacy design and high re-certification costs. Since such systems are typically designed to be highly reliable, they usually contain a large number of redundant components used to achieve fault tolerance. In this paper, we discuss challenges in utilising redundancy inherently present in the architectures of safety-critical systems to enhance system cybersecurity protection. We consider classic redundant architectures and analyse their ability to protect against cyberattacks. By evaluating the likelihood of a successful cyberattack on a redundant architecture under different implementation conditions, we conclude that redundancy in combination with diversity has better potential to be utilised for cybersecurity protection.
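As an added illustration (not code from the paper), the script below models the attack-success likelihood the abstract refers to. It assumes a constructed common-mode model: replicas that share one implementation fall to the same exploit together, independently implemented replicas must each be broken separately, and the attack succeeds once the attacker controls k of N replicas (a majority for a voted architecture). The class layouts, the per-implementation break probability `p_break` and the helper names are assumptions of this example.

```python
from itertools import product


def attack_success_probability(classes, k, p_break):
    """Probability that an attacker compromises at least k of N replicas.

    classes : sizes of the 'diversity classes', i.e. groups of replicas that
              share one implementation (constructed model: one working exploit
              compromises every replica of the class at once, a common-mode
              failure; distinct classes are broken independently).
    k       : number of replicas the attacker must control for the attack
              to succeed (a majority for a voted N-modular architecture).
    p_break : assumed probability that any single implementation is broken
              (taken equal for all classes to keep the model simple).
    """
    if k < 1 or k > sum(classes):
        raise ValueError("k must lie between 1 and the total number of replicas")
    total = 0.0
    # Enumerate which classes are broken: 2**len(classes) outcomes, small N.
    for broken in product((False, True), repeat=len(classes)):
        compromised = sum(size for size, hit in zip(classes, broken) if hit)
        if compromised < k:
            continue
        prob = 1.0
        for hit in broken:
            prob *= p_break if hit else 1.0 - p_break
        total += prob
    return total


def compare_tmr(p_break):
    """Triple modular redundancy with 2-out-of-3 voting under three
    implementation conditions: identical, partially diverse, fully diverse."""
    return {
        "identical": attack_success_probability([3], 2, p_break),
        "partial": attack_success_probability([2, 1], 2, p_break),
        "diverse": attack_success_probability([1, 1, 1], 2, p_break),
    }


if __name__ == "__main__":
    for p in (0.1, 0.3, 0.5):
        print(f"p_break = {p}")
        for name, prob in compare_tmr(p).items():
            print(f"  {name:10s} P(attack succeeds) = {prob:.4f}")
```

Under this model two identical replicas plus one diverse one give no improvement over three identical ones for a 2-out-of-3 vote, and with k = 1 (any single compromised replica suffices) the diverse layout returns a higher value, so the benefit depends on how many replicas the attacker must control.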
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Troubitsyna, E. (2023). Utilising Redundancy to Enhance Security of Safety-Critical Systems. In: Guiochet, J., Tonetta, S., Schoitsch, E., Roy, M., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops. SAFECOMP 2023. Lecture Notes in Computer Science, vol 14182. Springer, Cham. https://doi.org/10.1007/978-3-031-40953-0_16
DOI: https://doi.org/10.1007/978-3-031-40953-0_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-40952-3
Online ISBN: 978-3-031-40953-0