Skip to main content
SpringerLink
Log in

Co-Engineering-in-the-Loop

  • Conference paper
  • First Online:
Computer Safety, Reliability, and Security (SAFECOMP 2018)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11094))

Included in the following conference series:

Abstract

System safety standards have been available for two decades. Remarkably, none of the functional safety standards gave detailed guidance on how to treat potential security risks; security was – if at all – only mentioned in a small remark. However, the way how systems are built has changed; today’s safety-critical systems are more and more integrated in networks and, thus, the old paradigm of isolated systems is not any more valid. It has been recognized that safety and security, and since recently also performance, need to be treated in combination: Co-engineering is required. After a short glance at the state of the art in co-engineering methods and in respective standardization, the paper describes the approach of co-engineering with interaction points taken in the ECSEL project AQUAS, which has been running since May 2017. The methodology is illustrated with first details on how the co-engineering approach for the concept phase is realized in the industrial drive use case provided by Siemens AG Austria.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. IEC_61508-1_Ed.2.0: Functional safety of electrical/electronic/programmable electronic safety-related. Part 1-6 (2010)

    Google Scholar 

  2. BBC Report: Hack attack causes ‘massive damage’ at steel works, http://www.bbc.com/news/technology-30575104. Accessed May 2018

  3. IEC 61800: Adjustable speed electrical power drive systems Part 1-7

    Google Scholar 

  4. ISO/IEC 15408-1:2009: Information technology – security techniques – evaluation criteria for IT security – Part 1: introduction and general model

    Google Scholar 

  5. ISO/IEC 27000:2018: Information technology - security techniques - information security management systems - overview and vocabulary

    Google Scholar 

  6. ISO - International Organization for Standardization. ISO 26262 Road vehicles Functional Safety Part 1-10 (2011)

    Google Scholar 

  7. Scandariato, R., Wuyts, K., Joosen, W., Microsoft Corporation: A descriptive study of Microsoft’s threat modeling technique. http://scholar.google.at/scholar_url?url=https://lirias.kuleuven.be/bitstream/123456789/424554/1/rej-stride.pdf&hl=de&sa=X&scisig=AAGBfm37KabrVfVeveavNgju0SLcmf351w&nossl=1&oi=scholarr. Accessed May 2018

  8. Macher, G., Sporer, H., Armengaud, E., Kreiner, C.: SAHARA: a security-aware hazard and risk analysis method (2015)

    Google Scholar 

  9. The_MERgE_Project: D3.4.4: Recommendations for Security and Safety Co-engineering (2016). http://www.merge-project.eu/merge-deliverables

  10. Schmittner, C., Gruber, T., Puschner, P., Schoitsch, E.: Security application of failure mode and effect analysis (FMEA). In: Bondavalli, A., Di Giandomenico, F. (eds.) SAFECOMP 2014. LNCS, vol. 8666, pp. 310–325. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10506-2_21

    Chapter  Google Scholar 

  11. IEC 60812: Analysis techniques for system reliability – procedure for failure mode and effects analysis (FMEA), 2nd edn. (2006)

    Google Scholar 

  12. https://www.techrepublic.com/blog/it-security/the-cia-triad/. Accessed 26 May 2018

  13. SAE J3061: Cybersecurity guidebook for cyber-physical vehicle systems (2016)

    Google Scholar 

  14. IEC/TS_62443-1-1: Industrial communication networks – network and system security – Part 1-1: terminology, concepts and models (2009)

    Google Scholar 

  15. IEC_62443-2-1: Industrial communication networks – network and system security – Part 2-1: establishing an industrial automation and control system security program (2010)

    Google Scholar 

  16. IEC_62443-3-1: Industrial communication networks – network and system security – Part 3-1: system security requirements and security levels, Draft

    Google Scholar 

  17. IEC_62443-3-2: Industrial communication networks – network and system security – Part 3-2: security risk assessment and system design, Draft

    Google Scholar 

  18. IEC_62443-3-3: Industrial communication networks – network and system security – Part 3-3: system security requirements and security levels (2013)

    Google Scholar 

  19. IEC 62443-4-1: Security for industrial automation and control systems - Part 4-1: secure product development lifecycle requirements (2018)

    Google Scholar 

  20. IEC 62443-4-2: Industrial communication networks - security for industrial automation and control systems - Part 4-2: technical security requirements for IACS components, Draft (2017)

    Google Scholar 

  21. Industry 4.0 – Wikipedia. https://en.wikipedia.org/wiki/Industry_4.0

  22. Hackers trigger yet another power outage in Ukraine, ars TECHNICA. https://arstechnica.com/information-technology/2017/01/the-new-normal-yet-another-hacker-caused-power-outage-hits-ukraine/

  23. Schmittner, C., Ma, Z., Puschner, P.: Limitation and improvement of STPA-Sec for safety and security co-analysis. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9923, pp. 195–209. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45480-1_16

    Chapter  Google Scholar 

  24. Fovino, I.N., Masera, M., De Cian, A.: Integrating cyber attacks within fault trees. Reliab. Eng. Syst. Saf. 94, 1394–1402 (2009)

    Article  Google Scholar 

  25. The AMASS Project. https://www.amass-ecsel.eu/

  26. Gashi, I., Povyakalo, A., Strigini, L.: Diversity, safety and security in embedded systems: modelling adversary effort and supply chain risks. In: 12th European Dependable Computing Conference (EDCC), Gothenburg, pp. 13–24 (2016)

    Google Scholar 

  27. The AQUAS Project. https://aquas-project.eu/

  28. The Arrowhead Project. http://www.arrowhead.eu/

  29. Bloomfield, R., Netkachova, K., Stroud, R.: Security-informed safety: if it’s not secure, it’s not safe. In: Gorbenko, A., Romanovsky, A., Kharchenko, V. (eds.) SERENE 2013. LNCS, vol. 8166, pp. 17–32. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40894-6_2

    Chapter  Google Scholar 

Download references

Acknowledgements

The work published here is based on research in the AQUAS project that has been funded by the ECSEL Joint Undertaking and the Austrian Ministry for Transport, Innovation and Technology (BMVIT) in the program “ICT of the Future” and the Austrian Research Promotion Agency (FFG) under Grant Agreement number 737475.

Author information

Authors and Affiliations

  1. AIT Austrian Institute of Technology GmbH, Giefinggasse 4, 1210, Vienna, Austria

    Thomas Gruber & Christoph Schmittner

  2. Siemens Aktiengesellschaft Österreich, Siemensstraße 90, 1210, Vienna, Austria

    Martin Matschnig & Bernhard Fischer

Authors
  1. Thomas Gruber
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christoph Schmittner
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Martin Matschnig
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bernhard Fischer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thomas Gruber .

Editor information

Editors and Affiliations

  1. Mälardalen University, Västerås, Sweden

    Barbara Gallina

  2. Norwegian University of Science and Technology, Trondheim, Norway

    Amund Skavhaug

  3. AIT Austrian Institute of Technology, Vienna, Austria

    Erwin Schoitsch

  4. Thales Deutschland GmbH, Ditzingen, Germany

    Friedemann Bitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Gruber, T., Schmittner, C., Matschnig, M., Fischer, B. (2018). Co-Engineering-in-the-Loop. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2018. Lecture Notes in Computer Science(), vol 11094. Springer, Cham. https://doi.org/10.1007/978-3-319-99229-7_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-99229-7_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-99228-0

  • Online ISBN: 978-3-319-99229-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation