DOI: 10.1007/978-3-319-10506-2_22

Safety and Security Interactions Modeling Using the BDMP Formalism: Case Study of a Pipeline

Published: 10 September 2014

Abstract

The digitalization of industrial control systems (ICS) raises several security threats that can endanger the safety of the critical infrastructures supervised by such systems. This paper presents an analysis method that enables the identification and ranking of risks leading to a safety issue, regardless of the origin of those risks: accidental or due to malevolence. This method relies on a modeling formalism called BDMP (Boolean logic Driven Markov Processes) that was initially created for safety studies and then adapted to security. The use of the method is first illustrated on a simple case to show how it can support decisions in a situation where security requirements conflict with safety requirements. Then it is applied to a realistic industrial system, a pipeline and its instrumentation and control system, in order to highlight possible interactions between safety and security.



      Published In

Guide Proceedings
      SAFECOMP 2014: Proceedings of the 33rd International Conference on Computer Safety, Reliability, and Security - Volume 8666
      September 2014
      353 pages
      ISBN:9783319105055

      Publisher

      Springer-Verlag

      Berlin, Heidelberg

      Publication History

      Published: 10 September 2014

      Author Tags

      1. Safety
      2. industrial control systems
      3. interdependencies
      4. modeling
      5. security

      Qualifiers

      • Article

      Cited By

• (2024) CIDF: Combined Intrusion Detection Framework in Industrial Control Systems based on Packet Signature and Enhanced FSFDP. Proceedings of the 15th Asia-Pacific Symposium on Internetware, pp. 417-426. doi:10.1145/3671016.3674812. Online publication date: 24-Jul-2024.
• (2023) Analyzing Origins of Safety and Security Interactions Using Feared Events Trees and Multi-level Model. Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops, pp. 176-187. doi:10.1007/978-3-031-40953-0_15. Online publication date: 19-Sep-2023.
• (2022) Timed Automata as a Formalism for Expressing Security: A Survey on Theory and Practice. ACM Computing Surveys 55(6), pp. 1-36. doi:10.1145/3534967. Online publication date: 7-Dec-2022.
• (2022) APT attacks on industrial control systems. International Journal of Critical Infrastructure Protection 37:C. doi:10.1016/j.ijcip.2022.100521. Online publication date: 1-Jul-2022.
• (2022) Towards Interdependent Safety Security Assessments Using Bowties. Computer Safety, Reliability, and Security. SAFECOMP 2022 Workshops, pp. 211-229. doi:10.1007/978-3-031-14862-0_16. Online publication date: 6-Jun-2022.
• (2021) The Marriage Between Safety and Cybersecurity: Still Practicing. Model Checking Software, pp. 3-21. doi:10.1007/978-3-030-84629-9_1. Online publication date: 12-Jul-2021.
• (2020) Formalising the Impact of Security Attacks on IoT Safety. Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops, pp. 69-81. doi:10.1007/978-3-030-55583-2_5. Online publication date: 15-Sep-2020.
• (2019) Pattern-Based Formal Approach to Analyse Security and Safety of Control Systems. Model-Based Safety and Assessment, pp. 363-378. doi:10.1007/978-3-030-32872-6_24. Online publication date: 16-Oct-2019.
• (2016) Invited - Cooperation or competition? Proceedings of the 53rd Annual Design Automation Conference, pp. 1-6. doi:10.1145/2897937.2905006. Online publication date: 5-Jun-2016.
• (2015) A model-based approach to interdependency between safety and security in ICS. Proceedings of the 3rd International Symposium for ICS & SCADA Cyber Security Research, pp. 31-41. doi:10.14236/ewic/ICS2015.4. Online publication date: 17-Sep-2015.