Towards Interdependent Safety Security Assessments using Bowties

08/06/2022
by Luca Arnaboldi, et al.

We present a way to combine security and safety assessments using Bowtie Diagrams. Bowties model both the causes leading up to a central failure event and consequences which arise from that event, as well as barriers which impede events. Bowties have previously been used separately for security and safety assessments, but we suggest that a unified treatment in a single model can elegantly capture safety-security interdependencies of several kinds. We showcase our approach with the example of the October 2021 Facebook DNS shutdown, examining the chains of events and the interplay between the security and safety barriers which caused the outage.


