Abstract
The digitalization of industrial control systems (ICS) raises several security threats that can endanger the safety of the critical infrastructures supervised by such systems. This paper presents an analysis method that enables the identification and ranking of risks leading to a safety issue, regardless of the origin of those risks: accidental or due to malevolence. This method relies on a modeling formalism called BDMP (Boolean logic Driven Markov Processes) that was initially created for safety studies, and then adapted to security. The use of the method is first illustrated on a simple case to show how it can be used to make decisions in a situation where security requirements are in conflict with safety requirements. Then it is applied to a realistic industrial system: a pipeline and its instrumentation and control system in order to highlight possible interactions between safety and security.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bieber, P., Blanquart, J.P., Descargues, G., Dulucq, M., Fourastier, Y., Hazane, E., Julien, M., Leonardon, L., Sarouille, G.: Security and safety assurance for aerospace embedded systems. In: Proceedings of the 6th International Conference on Embedded Real Time Software and Systems, Toulouse, France, pp. 1–10 (2012)
Bouissou, M., Bon, J.-L.: A new formalism that combines advantages of fault-trees and markov models: Boolean logic driven markov processes. Reliability Engineering & System Safety 82(2), 149–163 (2003)
Chiaradonna, S., Di Giandomenico, F., Lollini, P.: Case study on critical infrastructures: Assessment of electric power systems. In: Wolter, K., Avritzer, A., Vieira, M., van Moorsel, A. (eds.) Resilience Assessment and Evaluation of Computing Systems, pp. 365–390. Springer, Heidelberg (2012)
Eames, D.P., Moffett, J.D.: The integration of safety and security requirements. In: Felici, M., Kanoun, K., Pasquini, A. (eds.) SAFECOMP 1999. LNCS, vol. 1698, pp. 468–480. Springer, Heidelberg (1999)
Hunter, B.: Integrating safety and security into the system lifecycle. In: Improving Systems and Software Engineering Conference (ISSEC), Canberr, Australia, p. 147 (August 2009)
Kornecki, A., Subramanian, N., Zalewski, J.: Studying interrelationships of safety and security for software assurance in cyber-physical systems: Approach based on bayesian belief networks. In: 2013 Federated Conference on Computer Science and Information Systems (FedCSIS), pp. 1393–1399 (2013)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462 (2010)
Kriaa, S., Bouissou, M., Pietre-Cambacedes, L.: Modeling the stuxnet attack with BDMP: towards more formal risk assessments. In: 2012 7th International Conference on Risk and Security of Internet and Systems (CRiSIS), pp. 1–8 (2012)
Nai Fovino, I., Masera, M., De Cian, A.: Integrating cyber attacks within fault trees. Reliability Engineering & System Safety 94(9), 1394–1402 (2009)
Novak, T., Gerstinger, A.: Safety- and security-critical services in building automation and control systems. IEEE Transactions on Industrial Electronics 57(11), 3614–3621 (2010)
Pietre-Cambacedes, L., Bouissou, M.: Beyond attack trees: Dynamic security modeling with boolean logic driven markov processes (BDMP). In: Dependable Computing Conference (EDCC), 2010 European, pp. 199–208 (2010)
Pietre-Cambacedes, L., Bouissou, M.: Modeling safety and security interdependencies with BDMP (boolean logic driven markov processes). In: IEEE International Conference on Systems Man and Cybernetics (SMC), pp. 2852–2861 (2010)
Pietre-Cambacedes, L., Bouissou, M.: Cross-fertilization between safety and security engineering. Reliability Engineering & System Safety 110, 110–126 (2013)
Pietre-Cambacedes, L., Deflesselle, Y., Bouissou, M.: Security modeling with BDMP: from theory to implementation. In: 2011 Conference on Network and Information Systems Security (SAR-SSI), pp. 1–8 (2011)
Pietre-Cambacedes, L., Bouissou, M.: Attack and defense dynamic modeling with BDMP (extended version). Tech. rep., Technical Report, Telecom ParisTech (2010)
Pietre-Cambacedes, L., Chaudet, C.: The SEMA referential framework: Avoiding ambiguities in the terms “security” and “safety”. International Journal of Critical Infrastructure Protection 3(2), 55–66 (2010)
Smith, J., Russell, S., Looi, M.: Security as a safety issue in rail communications. In: Proceedings of the 8th Australian Workshop on Safety Critical Systems and Software, SCS 2003, vol. 33, pp. 79–88. Australian Computer Society, Inc., Australia (2003)
Steiner, M., Liggesmeyer, P.: Combination of safety and security analysis-finding security problems that threaten the safety of a system. In: Proceedings of Workshop DECS (ERCIM/EWICS Workshop on Dependable Embedded and Cyber-physical Systems) of the 32nd International Conference on Computer Safety, Reliability and Security (2013)
Sun, M., Mohan, S., Sha, L., Gunter, C.: Addressing safety and security contradictions in cyber-physical systems. In: 1st Workshop on Future Directions in Cyber-Physical Systems Security (CPSS 2009), Newark, United States (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kriaa, S., Bouissou, M., Colin, F., Halgand, Y., Pietre-Cambacedes, L. (2014). Safety and Security Interactions Modeling Using the BDMP Formalism: Case Study of a Pipeline. In: Bondavalli, A., Di Giandomenico, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 8666. Springer, Cham. https://doi.org/10.1007/978-3-319-10506-2_22
Download citation
DOI: https://doi.org/10.1007/978-3-319-10506-2_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10505-5
Online ISBN: 978-3-319-10506-2
eBook Packages: Computer ScienceComputer Science (R0)