DESSERT'2020

11th International IEEE Conference
Dependable Systems, Services and Technologies
Ukraine, Kyiv, May 14-18, 2020
ACCEPTED BY IEEE TO BE ORGANIZED ONLINE

IEEE
  • Information

  • Deadlines

    Paper submission: Extra deadline March 3, 2020

    Notification of paper acceptance: March 23, 2020

    Final manuscript: April 5, 2020

    Registration and payment: April 8, 2020

    Program draft publication: May 1, 2020

    Conference date: May 14-18, 2020

  • Contacts

    Department 503, DESSERT’2020 Organizing Committee,
    National Aerospace University n. a. N. E. Zhukovsky “KhAI”,
    Chkalov str., 17, Kharkiv, 61070, Ukraine
    Phone: +38 (095) 564 76 69
    (contact person – Anastasiia Strielkina)
    e-mail: dessert@csn.khai.edu

    www: dessert.ieee.org.ua

  • Archive

Peter Popov

Co-engineering for Safety and Security: The AQUAS project perspective

Abstract:

Engineering safety-critical systems for operation under cyber-attacks poses significant challenges. Among the organisational challenges are the “safety and security silos”. The skill sets needed from safety engineers (safety “silo”) and from the security professionals (security “silo”) are very different. Communication between these professionals is typically poor (non-existent) and ineffective. Among the technical challenges is the challenge of developing methods of “combined analysis for safety and security”, which can be trusted in resolving rationally the trade-offs between safety and security. These methods of analysis do not merely account for accidental and malicious failures, which are well understood and practiced, but also the interdependencies between safety and security, e.g. account for the effects of successful attacks on safety mechanisms and vice versa – of the effect on security controls of a safety event.
These problems have been addressed in the on-going AQUAS project (ECSEL RIA). In the talk I will focus on the methodological aspects of “co-engineering safe and secure systems” throughout the product lifecycle (PLC) including requirements elicitation, system design and operation. Central in the methodology has been the concept of “interaction points (IPs)”, a lightweight technique, which breaks the “silos” and encourages efficient communication between safety and security experts supported by highly specialised software tools. IPs are points in the PLC, at which a holistic view on system behaviour in the intended adverse operational environment is built and captured by a suitable model (e.g. a state-based probabilistic model). Solving the model for the chosen measure of interest, e.g. the probability of unsafe failure within a mission of given length, will allow developers to establish if the designed system is fit for purpose.
An essential aspect of the models used for combined analysis is that they capture all relevant risks – the accidental failures, the attacks on system assets and critically, and the specific mechanisms of interdependencies between safety mechanisms and security controls.
In the talk I will illustrate the approach with examples of realistically complex case studies used in the AQUAS project and will provide illustrations of the tool support for co-engineering with IPs developed in AQUAS.

Dr Peter Popov is an expert in Software Dependability. He was born in Bulgaria, graduated in Computer Engineering in 1982 from the National Technical University in Kiev (KPI), Ukraine, at the time part of the Soviet Union, and received his doctorate (Candidate of Sciences) from the same University in 1989.

Before joining the Centre for Software Reliability (CSR) at City, University of London in 1997 he worked for the Bulgarian Academy of Sciences as Associate Professor in the Institute of Information and Communication Technologies.

He was a visiting scientist in the Coordinated Science Laboratory (CSL) in the University of Illinois at Urbana Champaign (US), in LAAS – CNRS in Toulouse (France), and Duke University (US).

He worked and consulted in the areas of computer and software dependability in several counties in Europe and in the US.

Flag Counter