Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel

Nelson Humberto Carreras Guzman, D. Kwame Minde Kufoalor, Igor Kozin, Mary Ann Lundteigen

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Many standards consider safety and security risk analysis as separate fields, specifying the system specific safety or security issues and methods to analyze them. Having these separated fields of safety and security standards complicates the risk analysis of cyber-physical systems (CPSs), where safety and security issues coexist within the integrated layers of the system. Even though several integrated safety and security analysis methods exist in the literature, they are not tailored to assess the complex and tight interactions among the CPS layers and the system’s surrounding environments. Therefore, this paper describes a method to conduct a combined safety and security risk analysis in CPSs for safety verification. Namely, we propose the Uncontrolled Flows of Information and Energy (UFoI-E) method, introducing novel diagrammatic representations to consider the dependencies within a CPS and its surrounding environments. As a case study, this paper describes a risk analysis of the collision avoidance function of an autonomous surface vessel, proving the convenience of examining the safety of autonomous vessels as safe and secure CPSs. The results of this paper may be input to new revisions and initiatives on new standards combining safety and security analysis.

Original language: English
Title of host publication: Proceedings of the 29th European Safety and Reliability Conference
Editors: Michael Beer, Enrico Zio
Publication date: 2019
Pages: 4099-4106
Publication status: Published - 2019
Event: 29th European Safety and Reliability Conference - Leibniz University Hannover, Hannover, Germany
Duration: 22 Sep 2019 to 26 Sep 2019
https://esrel2019.org/#/

Conference

Conference: 29th European Safety and Reliability Conference
Location: Leibniz University Hannover
Country: Germany
City: Hannover
Period: 22/09/2019 to 26/09/2019

Cite this

Carreras Guzman, N. H., Kwame Minde Kufoalor, D., Kozin, I., & Lundteigen, M. A. (2019). Combined safety and security risk analysis using the UFoI-E method: A case study of an autonomous surface vessel. In M. Beer, & E. Zio (Eds.), Proceedings of the 29th European Safety and Reliability Conference (pp. 4099-4106) https://doi.org/10.3850/978-981-11-2724-3_ 0208-cd