An integrated safety and security analysis for cyber-physical harm scenarios

Bibliographic Details
Published in: Safety Science, Vol. 144, p. 105458
Main Authors: Carreras Guzman, Nelson H.; Kozine, Igor; Lundteigen, Mary Ann
Format: Journal Article
Language: English
Published: Amsterdam, Elsevier Ltd, 01.12.2021 (Elsevier BV)

Highlights:
• Cyber-physical attacks can kill people and inflict damage in the physical world.
• The domain of safety science increasingly overlaps with cyber-physical security.
• The UFoI-E method facilitates an integrated safety and security analysis of CPSs.
• The CyPHASS prototype tool provides lessons learned in an extended bowtie model.
• A risk identification workshop with the UFoI-E method enabled system improvements.

Summary: Increasing digitalization and autonomous solutions in physical systems promise to enhance their performance, cost-efficiency and reliability. However, the integration of novel information technologies with safety-related systems also brings new vulnerabilities and risks that challenge the traditional field of safety analysis. In particular, cyber security threats are becoming key factors in complex accident scenarios in cyber-physical systems (CPSs), where unintentional errors and design flaws overlap with cyber security vulnerabilities that could lead to harm to humans and assets. This overlap between safety and security analysis is still a loosely defined domain without established theories and methods, which complicates the risk analysis of CPSs. In this paper, we first describe how the domain of safety science increasingly overlaps with security analysis. Subsequently, based on this overlap, we illustrate and complement an integrated method for the identification of harm scenarios in CPSs. This method, coined Uncontrolled Flows of Information and Energy (UFoI-E), offers a distinct theoretical foundation rooted in accident causation models and a framework for designing diagrammatic representations of CPSs during the analysis. After summarizing these features of the UFoI-E method, we present our original contribution to the method: a new practical toolkit for risk identification composed of an ontology of harm scenarios and a database of checklists built from lessons-learned analysis and expert knowledge. Finally, we demonstrate an application of the method in an illustrative case and show representative fields for future work.
ISSN: 0925-7535, 1879-1042
DOI: 10.1016/j.ssci.2021.105458