E. Piesik, Marcin Śliwiński, Narayanan Subramanian, Janusz Zalewski
{"title":"多因素方法和非功能性要求解决方案的概念,通过功能安全与网络安全分析提高复原力","authors":"E. Piesik, Marcin Śliwiński, Narayanan Subramanian, Janusz Zalewski","doi":"10.17531/ein/189454","DOIUrl":null,"url":null,"abstract":"In the process of designing safety systems, an integrated approach in safety and cybersecurity analysis is necessary. The paper describes a new technique of increasing resilience through integrated analysis of functional safety and cybersecurity. It is a modeling methodology based on the combination of the multifactor method utilizing modified risk graphs, used previously for Safety Integrity Level (SIL) assessment, and the Non-Functional Requirements (NFR) approach. The NFR approach, based on the analysis of graphical representation of conceptual and physical components of the system, contributes a technique to include cybersecurity through the Softgoal Interdependency Graph. The assessment methodology is outlined in detail and applied to a case study involving an industrial control system. The analysis turns out to be effective in both aspects: confirming the findings of the multifactor approach based on modified risk graphs and complementing the traditional analysis to increase resilience in discovering and mitigating security vulnerabilities for SIL assessment by the use of NFR.","PeriodicalId":335030,"journal":{"name":"Eksploatacja i Niezawodność – Maintenance and Reliability","volume":"11 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Concept of Multifactor Method and Non-Functional Requirements Solution to Increase Resilience through Functional Safety with Cybersecurity Analysis\",\"authors\":\"E. Piesik, Marcin Śliwiński, Narayanan Subramanian, Janusz Zalewski\",\"doi\":\"10.17531/ein/189454\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the process of designing safety systems, an integrated approach in safety and cybersecurity analysis is necessary. The paper describes a new technique of increasing resilience through integrated analysis of functional safety and cybersecurity. It is a modeling methodology based on the combination of the multifactor method utilizing modified risk graphs, used previously for Safety Integrity Level (SIL) assessment, and the Non-Functional Requirements (NFR) approach. The NFR approach, based on the analysis of graphical representation of conceptual and physical components of the system, contributes a technique to include cybersecurity through the Softgoal Interdependency Graph. The assessment methodology is outlined in detail and applied to a case study involving an industrial control system. The analysis turns out to be effective in both aspects: confirming the findings of the multifactor approach based on modified risk graphs and complementing the traditional analysis to increase resilience in discovering and mitigating security vulnerabilities for SIL assessment by the use of NFR.\",\"PeriodicalId\":335030,\"journal\":{\"name\":\"Eksploatacja i Niezawodność – Maintenance and Reliability\",\"volume\":\"11 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-06-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Eksploatacja i Niezawodność – Maintenance and Reliability\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.17531/ein/189454\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Eksploatacja i Niezawodność – Maintenance and Reliability","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17531/ein/189454","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
在设计安全系统的过程中,有必要对安全和网络安全进行综合分析。本文介绍了一种通过综合分析功能安全和网络安全来提高复原力的新技术。这是一种建模方法,其基础是将以前用于安全完整性等级(SIL)评估的利用修改风险图的多因素方法与非功能要求(NFR)方法相结合。NFR 方法基于对系统概念和物理组件图形表示的分析,通过软目标相互依存图提供了一种包含网络安全的技术。本文详细介绍了评估方法,并将其应用于一个涉及工业控制系统的案例研究。分析结果表明,该方法在两个方面都很有效:证实了基于修改后风险图的多因素方法的结论,并补充了传统的分析方法,通过使用 NFR 提高了发现和减少 SIL 评估安全漏洞的复原力。
Concept of Multifactor Method and Non-Functional Requirements Solution to Increase Resilience through Functional Safety with Cybersecurity Analysis
In the process of designing safety systems, an integrated approach in safety and cybersecurity analysis is necessary. The paper describes a new technique of increasing resilience through integrated analysis of functional safety and cybersecurity. It is a modeling methodology based on the combination of the multifactor method utilizing modified risk graphs, used previously for Safety Integrity Level (SIL) assessment, and the Non-Functional Requirements (NFR) approach. The NFR approach, based on the analysis of graphical representation of conceptual and physical components of the system, contributes a technique to include cybersecurity through the Softgoal Interdependency Graph. The assessment methodology is outlined in detail and applied to a case study involving an industrial control system. The analysis turns out to be effective in both aspects: confirming the findings of the multifactor approach based on modified risk graphs and complementing the traditional analysis to increase resilience in discovering and mitigating security vulnerabilities for SIL assessment by the use of NFR.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
