Using the FMEDA/FIT verification method to assess the cybersecurity of a programmable logic controller: a new interpretation of the SIS principle

Oleksandr Ivasiuk, V. Kharchenko
Aerospace technic and technology. Journal article, published 2024-02-27. DOI: 10.32620/aktt.2024.1.07 (https://doi.org/10.32620/aktt.2024.1.07)

Abstract

The object of this study is a programmable logic controller (safety PLC) that is part of an information and control system designed for the safe management of important technological processes. The subject of the study is the justification of the legitimacy of reusing results obtained during development of the safety PLC in accordance with functional safety requirements in order to assess its level of cybersecurity. The purpose of this work is to investigate the possibility of "cross" evaluation of the safety characteristics of the safety PLC, namely evaluating the level of cybersecurity of the programmable logic controller from known data on its level of functional safety, in order to optimize the use of available resources in the project. The study tasks are as follows: to provide a theoretical basis for the relationship between safety PLC characteristics such as functional safety and cybersecurity; to determine the metrics by which the degree of reuse of existing results can be assessed; to analyze potential cyberattacks depending on the architecture of the information and control system that performs security functions, as well as on its possible modes of use; to determine and evaluate the degree of "cross" influence of the critical characteristics of the research object; and to perform a calculation analysis of the potential financial and time gain from reusing already known results for the minimum configuration of the safety PLC. Conclusions. The study demonstrated the relevance of assessing the cybersecurity of a programmable logic controller on the basis of existing data on its level of functional safety (SIL). The proposed approach provides opportunities to significantly optimize the use of resources in safety PLC certification projects. However, the main methodological conclusion is that the well-known principle of Security Informed Safety can be developed and used in practice in the opposite direction, as Security supported/assessed by Safety. That is, the principle of "assessment of functional safety taking into account/based on information (cyber) security" is complemented by the principle of "assessment of information (cyber) security with the support of/taking into account the results of the functional safety assessment".