Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel

Nelson Humberto Carreras Guzman; D. Kwame Minde Kufoalor; Igor Kozin; Mary Ann Lundteigen

Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel

Nelson Humberto Carreras Guzman, D. Kwame Minde Kufoalor, Igor Kozin, Mary Ann Lundteigen

Department of Technology, Management and Economics

Norwegian University of Science and Technology

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

405 Downloads (Pure)

Abstract

Many standards consider safety and security risk analysis as separate fields, specifying the system specific safety or security issues and methods to analyze them. Having these separated fields of safety and security standards complicates the risk analysis of cyber-physical systems (CPSs), where safety and security issues coexist within the integrated layers of the system. Even though several integrated safety and security analysis methods exist in the literature, they are not tailored to assess the complex and tight interactions among the CPS layers and the system’s surrounding environments. Therefore, this paper describes a method to conduct a combined safety and security risk analysis in CPSs for safety verification. Namely, we propose the Uncontrolled Flows of Information and Energy (UFoI-E) method, introducing novel diagrammatic representations to consider the dependencies within a CPS and its surrounding environments. As a case study, this paper describes a risk analysis of the collision avoidance function of an autonomous surface vessel, proving the convenience of examining the safety of autonomous vessels as safe and secure CPSs. The results of this paper may be input to new revisions and initiatives on new standards combining safety and security analysis.

Original language	English
Title of host publication	Proceedings of the 29th European Safety and Reliability Conference
Editors	Michael Beer, Enrico Zio
Publisher	European Safety and Reliability Association
Publication date	2019
Pages	4099-4106
Publication status	Published - 2019
Event	29th European Safety and Reliability Conference - Leibniz University Hannover, Hannover, Germany Duration: 22 Sept 2019 → 26 Sept 2019 Conference number: 29 https://esrel2019.org/#/

Conference

Conference	29th European Safety and Reliability Conference
Number	29
Location	Leibniz University Hannover
Country/Territory	Germany
City	Hannover
Period	22/09/2019 → 26/09/2019
Internet address	https://esrel2019.org/#/

Access to Document

Full textFinal published version, 1.08 MB

OpenUrl availability

Full text

Grand Opening of Centre for Collaborative Autonomous Systems and Autonomous Systems Test Arena
Carreras Guzman, N. H. (Organizer)
21 Oct 2020
Activity: Attending an event › Participating in or organising a conference

File

Cite this

Carreras Guzman, N. H., Kwame Minde Kufoalor, D., Kozin, I., & Lundteigen, M. A. (2019). Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel. In M. Beer, & E. Zio (Eds.), Proceedings of the 29th European Safety and Reliability Conference (pp. 4099-4106). European Safety and Reliability Association. http://itekcmsonline.com/rps2prod/esrel2019/e-proceedings/html/0208.xml

@inproceedings{d40f43bb040542699df20b00051eeea8,

title = "Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel",

abstract = "Many standards consider safety and security risk analysis as separate fields, specifying the system specific safety or security issues and methods to analyze them. Having these separated fields of safety and security standards complicates the risk analysis of cyber-physical systems (CPSs), where safety and security issues coexist within the integrated layers of the system. Even though several integrated safety and security analysis methods exist in the literature, they are not tailored to assess the complex and tight interactions among the CPS layers and the system{\textquoteright}s surrounding environments. Therefore, this paper describes a method to conduct a combined safety and security risk analysis in CPSs for safety verification. Namely, we propose the Uncontrolled Flows of Information and Energy (UFoI-E) method, introducing novel diagrammatic representations to consider the dependencies within a CPS and its surrounding environments. As a case study, this paper describes a risk analysis of the collision avoidance function of an autonomous surface vessel, proving the convenience of examining the safety of autonomous vessels as safe and secure CPSs. The results of this paper may be input to new revisions and initiatives on new standards combining safety and security analysis.",

author = "{Carreras Guzman}, {Nelson Humberto} and {Kwame Minde Kufoalor}, D. and Igor Kozin and Lundteigen, {Mary Ann}",

year = "2019",

language = "English",

pages = "4099--4106",

editor = "Michael Beer and Enrico Zio",

booktitle = "Proceedings of the 29th European Safety and Reliability Conference",

publisher = "European Safety and Reliability Association",

note = "29th European Safety and Reliability Conference, ESREL 2019 ; Conference date: 22-09-2019 Through 26-09-2019",

url = "https://esrel2019.org/#/",

}

Carreras Guzman, NH, Kwame Minde Kufoalor, D, Kozin, I & Lundteigen, MA 2019, Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel. in M Beer & E Zio (eds), Proceedings of the 29th European Safety and Reliability Conference. European Safety and Reliability Association, pp. 4099-4106, 29th European Safety and Reliability Conference, Hannover, Lower Saxony, Germany, 22/09/2019. <http://itekcmsonline.com/rps2prod/esrel2019/e-proceedings/html/0208.xml>

Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel. / Carreras Guzman, Nelson Humberto; Kwame Minde Kufoalor, D.; Kozin, Igor et al.
Proceedings of the 29th European Safety and Reliability Conference. ed. / Michael Beer; Enrico Zio. European Safety and Reliability Association, 2019. p. 4099-4106.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel

AU - Carreras Guzman, Nelson Humberto

AU - Kwame Minde Kufoalor, D.

AU - Kozin, Igor

AU - Lundteigen, Mary Ann

N1 - Conference code: 29

PY - 2019

Y1 - 2019

N2 - Many standards consider safety and security risk analysis as separate fields, specifying the system specific safety or security issues and methods to analyze them. Having these separated fields of safety and security standards complicates the risk analysis of cyber-physical systems (CPSs), where safety and security issues coexist within the integrated layers of the system. Even though several integrated safety and security analysis methods exist in the literature, they are not tailored to assess the complex and tight interactions among the CPS layers and the system’s surrounding environments. Therefore, this paper describes a method to conduct a combined safety and security risk analysis in CPSs for safety verification. Namely, we propose the Uncontrolled Flows of Information and Energy (UFoI-E) method, introducing novel diagrammatic representations to consider the dependencies within a CPS and its surrounding environments. As a case study, this paper describes a risk analysis of the collision avoidance function of an autonomous surface vessel, proving the convenience of examining the safety of autonomous vessels as safe and secure CPSs. The results of this paper may be input to new revisions and initiatives on new standards combining safety and security analysis.

AB - Many standards consider safety and security risk analysis as separate fields, specifying the system specific safety or security issues and methods to analyze them. Having these separated fields of safety and security standards complicates the risk analysis of cyber-physical systems (CPSs), where safety and security issues coexist within the integrated layers of the system. Even though several integrated safety and security analysis methods exist in the literature, they are not tailored to assess the complex and tight interactions among the CPS layers and the system’s surrounding environments. Therefore, this paper describes a method to conduct a combined safety and security risk analysis in CPSs for safety verification. Namely, we propose the Uncontrolled Flows of Information and Energy (UFoI-E) method, introducing novel diagrammatic representations to consider the dependencies within a CPS and its surrounding environments. As a case study, this paper describes a risk analysis of the collision avoidance function of an autonomous surface vessel, proving the convenience of examining the safety of autonomous vessels as safe and secure CPSs. The results of this paper may be input to new revisions and initiatives on new standards combining safety and security analysis.

M3 - Article in proceedings

SP - 4099

EP - 4106

BT - Proceedings of the 29th European Safety and Reliability Conference

A2 - Beer, Michael

A2 - Zio, Enrico

PB - European Safety and Reliability Association

T2 - 29th European Safety and Reliability Conference

Y2 - 22 September 2019 through 26 September 2019

ER -

Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel

Abstract

Conference

Access to Document

OpenUrl availability

Fingerprint

Activities

Grand Opening of Centre for Collaborative Autonomous Systems and Autonomous Systems Test Arena

Cite this