Gap-and-IMECA-Based Assessment of I&C Systems Cyber Security

  • Vyacheslav Kharchenko
  • Anton Andrashov
  • Vladimir Sklyar
  • Andriy Kovalenko
  • Olexandr Siora
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 170)

Abstract

This chapter presents an approach to cyber security assessment, which is based on Gap Analysis (GA) and Intrusion Modes and Effects Criticality Analysis (IMECA) techniques, applicable to complex Instrumentation and Control (I&C) systems, including safety-critical FPGA-based I&C systems. Elements of the GA-and-IMECA procedure of assessment are proposed. As an example, the proposed approach and technique are considered in the context of assessing the cyber security properties of FPGA-based I&C systems, taking into account vulnerabilities of products and discrepancies of appropriate processes.

Keywords

Life Cycle Stage Life Cycle Model Life Cycle Process VHDL Code Field Programmable Gate Array Chip 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    IEC 61508:2010, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (2010) Google Scholar
  2. 2.
    NUREG/CR-7006, Review Guidelines for Field-Programmable Gate Arrays in Nuclear Power Plant Safety Systems, U.S. Nuclear Regulatory Commission (February 2010) Google Scholar
  3. 3.
    Kharchenko, V., Sklyar, V. (eds.): FPGA-based NPP Instrumentation and Control Systems: Development and Safety Assessment, Research and Production Corporation “Radiy”, National Aerospace University named after N.E. Zhukovsky “KhAI”, State Scientific Technical Center on Nuclear and Radiation Safety, 188 p (2008)Google Scholar
  4. 4.
    Kharchenko, V. (ed.): Critical Infrastructures Safety: Mathematical and Engineering Methods of Analysis and Assurance, Department of Education and Science of Ukraine, National aerospace university named after N. Zhukovsky “KhAI”, 641 p (2011)Google Scholar
  5. 5.
    Ravi, S., Raghunathan, A., Kocher, P.: Security in Embedded Systems: Design Challenges. ACM Transactions on Embedded Computing Systems 3(3), 461–491 (2004)CrossRefGoogle Scholar
  6. 6.
    Grand, J.: Practical Secure Hardware Design for Embedded Systems. In: Proc. of the 2004 Embedded Systems Conference, San Francisco, California, March 29-April 1 (2004)Google Scholar
  7. 7.
    IEC 812, Analysis Techniques for System Reliability – Procedure for Failure Modes and Effects Analysis (FMEA). International Electrotechnical Commission, Geneva (1985)Google Scholar
  8. 8.
    Lutz, R., Helmer, G., Moseman, M., Statezni, D., Tockey, S.: Safety Analysis of Requirements for a Product Family. In: Proc. 3rd Int’l Conf. on Requirements Engineering (ICRE 1998), pp. 24–31 (1998)Google Scholar
  9. 9.
    Elyasi Komari, I., Kharchenko, V., Babeshko, E., Gorbenko, A., Siora, A.: Extended Dependability Analysis of Information and Control Systems by FME(C)A-technique: Models. In: Procedures, Application, DepCoS – RELCOMEX 2009, pp. 25–32 (2009)Google Scholar
  10. 10.
    Gorbenko, A., Kharchenko, V., Tarasyuk, O., Furmanov, A.: F(I)MEA-Technique of Web Services Analysis and Dependability Ensuring. In: Butler, M., Jones, C.B., Romanovsky, A., Troubitsyna, E. (eds.) Rigorous Development of Complex Fault-Tolerant Systems. LNCS, vol. 4157, pp. 153–167. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Avizienis, A., Laprie, J.-C., Randell, B., Landwehr, C.: Basic Concepts and Taxonomy of De-pendable and Secure Computing. IEEE Transactions on Dependable and Secure Computing 1(1), 11–33 (2004)CrossRefGoogle Scholar
  12. 12.
    Babeshko, E., Kharchenko, V., Gorbenko, A.: Applying F(I)MEA-technique for SCADA-based Industrial Control Systems Dependability Assessment and Ensuring. In: DepCoS-RELCOMEX 2008, pp. 309–315 (2008), doi:10.1109/DepCoS-RELCOMEX.2008.23Google Scholar
  13. 13.
    Abrial, J.-R.: Modeling in Event-B, 612 p. Cambridge University Press (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Vyacheslav Kharchenko
    • 1
    • 2
  • Anton Andrashov
    • 3
  • Vladimir Sklyar
    • 3
  • Andriy Kovalenko
    • 2
  • Olexandr Siora
    • 3
  1. 1.National Aerospace University ”KhAI”KharkovUkraine
  2. 2.Centre for Safety Infrastructure-Oriented Research and AnalysisKharkovUkraine
  3. 3.Research and Production Corporation ”Radiy”KirovogradUkraine

Personalised recommendations