Towards a Formal Approach to Analysing Security of Safety-Critical Systems

Abstract

Since safety-critical control systems become increasingly interconnected, there is a clear need for the techniques that enable an integrated analysis of safety and security requirements. In this paper, we propose an integrated approach to systematically deriving and formalising safety and security requirements. To facilitate requirements elicitation, we propose to adapt and integrate traditional safety and security analysis techniques. To formally specify and verify the requirements, we rely on Event-B framework. By relying on refinement and proofs, the framework allows us to specify and verify system behaviour in presence of both accidental faults and security attacks and analyse mutual interdependencies between safety and security requirements.