Yuri Gil Dantas and Vivek Nigam. Automating Safety and Security Co-Design through Semantically Rich Architecture Patterns. ACM Trans. Cyber-Phys. Syst., 7(1), Association for Computing Machinery, New York, NY, USA, feb 2023.
During the design of safety-critical systems, safety and security engineers make use of architecture patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of safety architecture patterns has consequences on security; e.g., the deployment of a safety architecture pattern may lead to new threats. The other way around may also be possible; i.e., the deployment of a security architecture pattern may lead to new failures. Safety and security co-design is, therefore, required to understand such consequences and tradeoffs in order to reach appropriate system designs. Currently, architecture pattern descriptions, including their consequences, are described using natural language. Therefore, their deployment in system design is carried out manually by experts and thus is time-consuming and prone to human error, especially given the high system complexity. We propose the use of semantically rich architecture patterns to enable automated support for safety and security co-design by using Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architecture patterns can address failures or threats, and consequences of deploying such patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.
@article{dantas23tcps,
  author = {Dantas, Yuri Gil and Nigam, Vivek},
  title = {Automating Safety and Security Co-Design through Semantically Rich Architecture Patterns},
  year = {2023},
  issue_date = {January 2023},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  volume = {7},
  number = {1},
  issn = {2378-962X},
  url = {https://doi.org/10.1145/3565269},
  doi = {10.1145/3565269},
  abstract = {During the design of safety-critical systems, safety and security engineers make use of architecture patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of safety architecture patterns has consequences on security; e.g., the deployment of a safety architecture pattern may lead to new threats. The other way around may also be possible; i.e., the deployment of a security architecture pattern may lead to new failures. Safety and security co-design is, therefore, required to understand such consequences and tradeoffs in order to reach appropriate system designs. Currently, architecture pattern descriptions, including their consequences, are described using natural language. Therefore, their deployment in system design is carried out manually by experts and thus is time-consuming and prone to human error, especially given the high system complexity. We propose the use of semantically rich architecture patterns to enable automated support for safety and security co-design by using Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architecture patterns can address failures or threats, and consequences of deploying such patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.},
  journal = {ACM Trans. Cyber-Phys. Syst.},
  month = {feb},
  articleno = {5},
  numpages = {28},
  keywords = {automotive vehicle systems, automation, safety and security co-design, security architecture patterns, Safety architecture patterns},
  bib2html_pubtype = {Journal},
  bib2html_rescat = {Formal Methods},
  bib2html_dl_pdf = {/docs/tcps23.pdf}
}
Generated by bib2html.pl (written by Patrick Riley) on Mon Jan 08, 2024 13:46:57