To main content

Improving Security and Safety Co-analysis of STPA

Abstract

Many safety and security co-analysis methods have been proposed to assure the safety of critical systems, including autonomous systems. One example of safety and security co-analysis approach is Systems-Theoretic Process Analysis (STPA) plus STPA-Sec. When using STPA combined with STPA-Sec, the security analysis is performed as part of the causal factor analysis, which is after the safety risk analysis. Few studies have questioned whether such an approach can be improved and how to improve it. In our study, we tried to answer two research questions (RQs): RQ1) Could we improve STPA-Sec by complementing it with threat modeling approaches? RQ2) Could we find more safety risks if we perform security analysis before safety analysis? We performed safety and security co-analysis of an autonomous boat to answer these research questions. Results of the study show that performing security analysis before safety analysis identifies more safety risks than the other way around. To be combined with STPA-Sec, threat modeling based on the data flow diagram outperforms other threat modeling approaches we evaluated.

Category

Academic chapter

Language

English

Author(s)

  • Erik Nilsen Torkildson
  • Jingyue Li
  • Stig Ole Johnsen

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security
  • Norwegian University of Science and Technology
  • Diverse norske bedrifter og organisasjoner

Year

2019

Publisher

Research Publishing Services

Book

Proceedings of the 29th European Safety and Reliability Conference(ESREL). 22 – 26 September 2019 Hannover, Germany

ISBN

9789811127243

View this publication at Norwegian Research Information Repository