Security-Informed Safety: If It’s Not Secure, It’s Not Safe

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8166)

Abstract

Traditionally, safety and security have been treated as separate disciplines, but this position is increasingly becoming untenable and stakeholders are beginning to argue that if it’s not secure, it’s not safe. In this paper we present some of the work we have been doing on “security-informed safety”. Our approach is based on the use of structured safety cases and we discuss the impact that security might have on an existing safety case. We also outline a method we have been developing for assessing the security risks associated with an existing safety system such as a large-scale critical infrastructure.




© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bloomfield, R., Netkachova, K., Stroud, R. (2013). Security-Informed Safety: If It’s Not Secure, It’s Not Safe. In: Gorbenko, A., Romanovsky, A., Kharchenko, V. (eds) Software Engineering for Resilient Systems. SERENE 2013. Lecture Notes in Computer Science, vol 8166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40894-6_2

  • DOI: https://doi.org/10.1007/978-3-642-40894-6_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40893-9

  • Online ISBN: 978-3-642-40894-6

  • eBook Packages: Computer Science, Computer Science (R0)
