{"title":"从对策模式的设计原理推导出基于模型的安全和安全保障案例","authors":"Roman Trentinaglia","doi":"10.1145/3550356.3558508","DOIUrl":null,"url":null,"abstract":"Cyber-physical Systems are computerized systems that control mechanical parts. These systems have to be both, safe and secure. Established safety and security standards therefore mandate the creation of assurance cases (ACs) which argue that the system is safe and secure, i.e., that all safety and security goals have been achieved. However, in practice, safety and security teams often work separated and ACs are usually created late in the development in a manual manner. In addition to the high effort required to reconstruct taken design decisions, this approach leads to conflicts being found late, when changes are hardly possible. As engineers often make use of mitigation strategies and countermeasure patterns to achieve the stated safety and security goals, I propose an approach to augment these patterns with additional design rationale and AC fragments to support the creation of complete ACs in a semi-automatic manner. With this approach, I want to pave the way towards an integrated Safety & Security by Design process by bringing together safety and security experts in early stages of the development. This objective shall be achieved by allowing them to work on a common design rationale, which shall further be re-used to automatically derive ACs. Thereby, the manual effort of AC creation is reduced and the susceptibility to errors is decreased.","PeriodicalId":182662,"journal":{"name":"Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns\",\"authors\":\"Roman Trentinaglia\",\"doi\":\"10.1145/3550356.3558508\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber-physical Systems are computerized systems that control mechanical parts. These systems have to be both, safe and secure. Established safety and security standards therefore mandate the creation of assurance cases (ACs) which argue that the system is safe and secure, i.e., that all safety and security goals have been achieved. However, in practice, safety and security teams often work separated and ACs are usually created late in the development in a manual manner. In addition to the high effort required to reconstruct taken design decisions, this approach leads to conflicts being found late, when changes are hardly possible. As engineers often make use of mitigation strategies and countermeasure patterns to achieve the stated safety and security goals, I propose an approach to augment these patterns with additional design rationale and AC fragments to support the creation of complete ACs in a semi-automatic manner. With this approach, I want to pave the way towards an integrated Safety & Security by Design process by bringing together safety and security experts in early stages of the development. This objective shall be achieved by allowing them to work on a common design rationale, which shall further be re-used to automatically derive ACs. Thereby, the manual effort of AC creation is reduced and the susceptibility to errors is decreased.\",\"PeriodicalId\":182662,\"journal\":{\"name\":\"Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3550356.3558508\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3550356.3558508","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns
Cyber-physical Systems are computerized systems that control mechanical parts. These systems have to be both, safe and secure. Established safety and security standards therefore mandate the creation of assurance cases (ACs) which argue that the system is safe and secure, i.e., that all safety and security goals have been achieved. However, in practice, safety and security teams often work separated and ACs are usually created late in the development in a manual manner. In addition to the high effort required to reconstruct taken design decisions, this approach leads to conflicts being found late, when changes are hardly possible. As engineers often make use of mitigation strategies and countermeasure patterns to achieve the stated safety and security goals, I propose an approach to augment these patterns with additional design rationale and AC fragments to support the creation of complete ACs in a semi-automatic manner. With this approach, I want to pave the way towards an integrated Safety & Security by Design process by bringing together safety and security experts in early stages of the development. This objective shall be achieved by allowing them to work on a common design rationale, which shall further be re-used to automatically derive ACs. Thereby, the manual effort of AC creation is reduced and the susceptibility to errors is decreased.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
