Title: A methodology for assuring the safety and security of critical infrastructure based on STPA and Event-B

Authors: Giles Howard; Michael Butler; John Colley; Vladimiro Sassone

Addresses: School of Electronics and Computer Science, University of Southampton, UK ' School of Electronics and Computer Science, University of Southampton, UK ' School of Electronics and Computer Science, University of Southampton, UK ' School of Electronics and Computer Science, University of Southampton, UK

Abstract: Cyber-physical systems represent a challenge to conventional security and safety analysis techniques due to their complexity and the need to consider both safety and security equally. It is also important that the requirements generated to mitigate against safety and security risks are clear and adequately address the underlying issue. A methodology is presented in this paper to allow for integrated safety and security analysis of cyber-physical systems, particularly in a critical infrastructure context. This methodology uses a modified form of STPA, which has been coupled with our concept of adversarial modelling, to analyse for security and safety hazards which are then mitigated against by the creation of critical requirements. These critical requirements are then validated through their application to an Event-B formal model, allowing for their completeness to be verified. The output of the methodology is a set of critical requirements that guide iteration of and improvements to the system design to ensure its safety and security are maintained.

Keywords: systems theoretic process analysis; STPA; hazard analysis; Event-B; safety analysis; security analysis; critical infrastructure; cyber-physical systems; adversarial modelling; critical systems.

DOI: 10.1504/IJCCBS.2019.098815

International Journal of Critical Computer-Based Systems, 2019 Vol.9 No.1/2, pp.56 - 75

Received: 16 Jan 2018
Accepted: 04 Dec 2018
Published online: 02 Apr 2019 *