The University of Southampton
University of Southampton Institutional Repository

Formal analysis of safety and security requirements of critical systems supported by an extended STPA methodology

Formal analysis of safety and security requirements of critical systems supported by an extended STPA methodology
Formal analysis of safety and security requirements of critical systems supported by an extended STPA methodology
Cyber-physical systems represent an engineering challenge due to their safety and security concerns, particularly those systems involved in critical infrastructure which require some of the highest standards of safety, availability, integrity and security. The complexity of these systems makes the identification and analysis of safety and security requirements challenging. In this paper, we present a methodology for identifying and formally analysing safety and security requirements, based on the STPA methodology and combined with modelling, traceability and formal verification through use of the Event-B formal method. Our STPA approach is then leveraged to generate ‘critical requirements’ to mitigate against undesirable system states, which are subsequently translated
into constraints on an Event-B representation of the system. The Rodin toolset allows us to demonstrate that these critical requirements fully mitigate against the undesirable system states and therefore provide automated verification of the critical requirements.
Howard, Giles
8be3e4df-abc3-4277-ad00-918d4089b8c1
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Colley, John
d2877837-a2f2-4f84-b3f3-3ffe79ffeb87
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7
Howard, Giles
8be3e4df-abc3-4277-ad00-918d4089b8c1
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Colley, John
d2877837-a2f2-4f84-b3f3-3ffe79ffeb87
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7

Howard, Giles, Butler, Michael, Colley, John and Sassone, Vladimiro (2017) Formal analysis of safety and security requirements of critical systems supported by an extended STPA methodology. 2nd Workshop on Safety & Security aSSurance, , Paris, France. 29 Apr 2017. 6 pp . (In Press) (doi:10.1109/EuroSPW.2017.68).

Record type: Conference or Workshop Item (Paper)

Abstract

Cyber-physical systems represent an engineering challenge due to their safety and security concerns, particularly those systems involved in critical infrastructure which require some of the highest standards of safety, availability, integrity and security. The complexity of these systems makes the identification and analysis of safety and security requirements challenging. In this paper, we present a methodology for identifying and formally analysing safety and security requirements, based on the STPA methodology and combined with modelling, traceability and formal verification through use of the Event-B formal method. Our STPA approach is then leveraged to generate ‘critical requirements’ to mitigate against undesirable system states, which are subsequently translated
into constraints on an Event-B representation of the system. The Rodin toolset allows us to demonstrate that these critical requirements fully mitigate against the undesirable system states and therefore provide automated verification of the critical requirements.

Text
s4cip_as_accepted.pdf - Accepted Manuscript
Download (112kB)

More information

Accepted/In Press date: 23 January 2017
Venue - Dates: 2nd Workshop on Safety & Security aSSurance, , Paris, France, 2017-04-29 - 2017-04-29
Organisations: Agents, Interactions & Complexity, Electronics & Computer Science, Electronic & Software Systems, Faculty of Physical Sciences and Engineering

Identifiers

Local EPrints ID: 406432
URI: http://eprints.soton.ac.uk/id/eprint/406432
PURE UUID: cd141b95-6cc0-475b-89d9-47e36107afa4
ORCID for Giles Howard: ORCID iD orcid.org/0000-0002-6879-8544
ORCID for Michael Butler: ORCID iD orcid.org/0000-0003-4642-5373

Catalogue record

Date deposited: 10 Mar 2017 10:47
Last modified: 16 Mar 2024 02:51

Export record

Altmetrics

Contributors

Author: Giles Howard ORCID iD
Author: Michael Butler ORCID iD
Author: John Colley
Author: Vladimiro Sassone

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×