Skip to main content

Research Repository

Advanced Search

Integrated design framework for facilitating systems-theoretic process analysis.

Altaf, Amna; Faily, Shamal; Dogan, Huseyin; Thron, Eylem; Mylonas, Alexios

Authors

Amna Altaf

Huseyin Dogan

Eylem Thron

Alexios Mylonas



Contributors

Sokratis Katsikas
Editor

Costas Lambrinoudakis
Editor

Nora Cuppens
Editor

John Mylopoulos
Editor

Christos Kalloniatis
Editor

Weizhi Meng
Editor

Steven Furnell
Editor

Frank Pallas
Editor

Pohle
Editor

M. Angela Sasse
Editor

Habtamu Abie
Editor

Silvio Ranise
Editor

Luca Verderame
Editor

Enrico Cambiaso
Editor

Jorge Maestre Vidal
Editor

Marco Antonio Sotelo Monge
Editor

Abstract

Systems-Theoretic Process Analysis (STPA) helps mitigate identified safety hazards leading to unfortunate situations. Usually, a systematic step-by-step approach is followed by safety experts irrespective of any software based tool-support, but identified hazards should be associated with security risks and human factors issues. In this paper, a design framework using Integrating Requirements and Information Security (IRIS) and open source Computer Aided Integration of Requirements and Information Security (CAIRIS) tool-support is used to facilitate the application of STPA. Our design framework lays the foundation for resolving safety, security and human factors issues for critical infrastructures. We have illustrated this approach with a case study based on real life Cambrian Coast Line Railway incident.

Citation

ALTAF, A., FAILY, S., DOGAN, H., THRON, E. and MYLONAS, A. 2022. Integrated design framework for facilitating systems-theoretic process analysis. In Katsikas, S., Lambrinoudakis, C., Cuppens, N. et al (eds.) Computer security: 26th European symposium on research in computer security (ESORICS 2021) international workshops: selected papers from 7th workshop on the security of industrial control systems of cyber-physical systems (CyberICPS 2021), co-located with SECPRE, ADIoT, SPOSE, CPS4CIP, CDT and SECOMANE, 4-8 October 2021, Darmstadt, Germany. Lecture notes in computer science (LNCS), 13106. Cham: Springer [online], pages 58-73. Available from: https://doi.org/10.1007/978-3-030-95484-0_4

Conference Name 7th Workshop on the security of industrial control systems and of cyber-physical systems (CyberICPS 2021), co-located with the 26th European symposium on research in computer security (ESORICS 2021)
Conference Location Darmstadt, Germany
Start Date Oct 4, 2021
End Date Oct 8, 2021
Acceptance Date Sep 11, 2021
Online Publication Date Feb 8, 2022
Publication Date Dec 31, 2022
Deposit Date Oct 5, 2021
Publicly Available Date Feb 9, 2023
Publisher Springer
Pages 58-73
Series Title Lecture notes in computer science (LNCS)
Series Number 13106
Series ISSN 0302-9743 ; 1611-3349
Book Title Computer security: ESORICS 2021 international workshops: revised selsected papers from CyberICPS, SECPRE, ADIoT, SPOSE, CPS4CIP, CDT and SECOMANE, 4-8 October 2021, Darmstadt, Germany
ISBN 9783030954833
DOI https://doi.org/10.1007/978-3-030-95484-0_4
Keywords Systems-theoretic process analysis (STPA); Integrating reuirements and information security (IRIS); Computer-aided integration of requirements and information security (CAIRIS); Critical infrastructure; Safety; Systems security; Rail industry; Human-compu
Public URL https://rgu-repository.worktribe.com/output/1456206

Files

This file is under embargo until Feb 9, 2023 due to copyright reasons.

Contact publications@rgu.ac.uk to request a copy for personal use.




You might also like



Downloadable Citations