Security Application of Failure Mode and Effect Analysis (FMEA)

  • Christoph Schmittner
  • Thomas Gruber
  • Peter Puschner
  • Erwin Schoitsch
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8666)


Increasingly complex systems lead to an interweaving of security, safety, availability and reliability concerns. Most dependability analysis techniques do not include security aspects. In order to include security, a holistic risk model for systems is needed. In our novel approach, the basic failure cause, failure mode and failure effect model known from FMEA is used as a template for a vulnerability cause-effect chain, and an FMEA analysis technique extended with security is presented. This represents a unified model for safety and security cause-effect analysis. As an example, the technique is then applied to a distributed industrial measurement system.


Keywords

  • Safety analysis
  • Security analysis
  • Combined analysis
  • FMEA
  • Vulnerabilities
  • Cause-effect chain for security





Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Christoph Schmittner (1)
  • Thomas Gruber (1)
  • Peter Puschner (2)
  • Erwin Schoitsch (1)
  1. Safety & Security Department, Austrian Institute of Technology, Vienna, Austria
  2. Department of Computer Engineering, Vienna University of Technology, Vienna, Austria