Analysing the safety implications of security risks in cyber-physical systems
Cyber-physical systems (CPS) often use open communications to expedite interactions and hence introduce security risks which can be exploited by attackers to cause unsafe failure conditions. Interfaces within the system require security properties (e.g. confidentiality, authentication and reliability) in order to ensure that potential risks are eliminated. However, different applications may differ in their sensitivity to particular security properties. Avionics standards such as ED202A require developers to analyse potential security risks to ensure that their impact on the safe operation of an aircraft is acceptable. We show how Event-B modelling can be used to evaluate which security properties affect safety, and other properties such as liveness, in a particular CPS application.
Pages: 97–119
Snook, Colin, Hoang, Thai Son, Salehi Fathabadi, Asieh, Butler, Michael and Kubisch, Martin (2024) Analysing the safety implications of security risks in cyber-physical systems. In: Cavalcanti, Ana and Baxter, James (eds.) The Practice of Formal Methods: Essays in Honour of Cliff Jones, Part II. (Lecture Notes in Computer Science, 14781) Springer, Cham. (doi:10.1007/978-3-031-66673-5_6)
Record type:
Book Section
Text: FCJ2024_SnoHoa_submitted - Author's Original. Restricted to repository staff only.
Text: FCJ2024_SnoHoa_accepted - Accepted Manuscript. Restricted to repository staff only until 4 September 2025.
More information
e-pub ahead of print date: 4 September 2024
Additional Information:
Contribution to Festschrift publication in honour of Professor Cliff Jones
Keywords:
formal methods, Event-B, security analysis, safety analysis
Identifiers
Local EPrints ID: 494926
URI: http://eprints.soton.ac.uk/id/eprint/494926
PURE UUID: bae3d03d-7cae-43fd-8728-6269d4b52bf3
Catalogue record
Date deposited: 23 Oct 2024 16:48
Last modified: 24 Oct 2024 01:47
Contributors
Author:
Colin Snook
Author:
Thai Son Hoang
Author:
Asieh Salehi Fathabadi
Author:
Michael Butler
Author:
Martin Kubisch
Editor:
Ana Cavalcanti
Editor:
James Baxter