TY - GEN
T1 - Conflict Analysis and Resolution of Safety and Security Boundary Conditions for Industrial Control Systems
AU - Agbo, Chidi
AU - Mehrpouyan, Hoda
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Safety and security are the two most important properties of industrial control systems (ICS), and their integration is necessary to ensure that safety goals do not undermine security goals and vice versa. Sometimes, safety and security co-engineering leads to conflicting requirements or violations capable of impacting the normal behavior of the system. Identification, analysis, and resolution of conflicts arising from safety and security co-engineering is a major challenge and an under-researched area in safety-critical systems (ICS). This paper presents an STPA-SafeSec-CDCL approach that addresses the challenge. Our proposed methodology combines the STPA-SafeSec approach for safety and security analysis and the Conflict-Driven Clause Learning (CDCL) approach for the identification, analysis, and resolution of conflicts, where conflicting constraints are encoded as satisfiability (SAT) problems. We apply our framework to the Tennessee Eastman Plant process model, a chemical process model developed specifically for the study of industrial control processes, to demonstrate how to use the proposed method. Our methodology goes beyond the requirement analysis phase and can be applied to the early stages of system design and development to increase system reliability, robustness, and resilience.
AB - Safety and security are the two most important properties of industrial control systems (ICS), and their integration is necessary to ensure that safety goals do not undermine security goals and vice versa. Sometimes, safety and security co-engineering leads to conflicting requirements or violations capable of impacting the normal behavior of the system. Identification, analysis, and resolution of conflicts arising from safety and security co-engineering is a major challenge and an under-researched area in safety-critical systems (ICS). This paper presents an STPA-SafeSec-CDCL approach that addresses the challenge. Our proposed methodology combines the STPA-SafeSec approach for safety and security analysis and the Conflict-Driven Clause Learning (CDCL) approach for the identification, analysis, and resolution of conflicts, where conflicting constraints are encoded as satisfiability (SAT) problems. We apply our framework to the Tennessee Eastman Plant process model, a chemical process model developed specifically for the study of industrial control processes, to demonstrate how to use the proposed method. Our methodology goes beyond the requirement analysis phase and can be applied to the early stages of system design and development to increase system reliability, robustness, and resilience.
KW - Conflict-Driven Clause Learning (CDCL)
KW - Cyber-physical systems (CPS)
KW - Industrial Control Systems (ICS)
KW - STPA-SafeSec
KW - Safety and Security co-engineering
UR - http://www.scopus.com/inward/record.url?scp=85151619132&partnerID=8YFLogxK
U2 - 10.1109/ICSRS56243.2022.10067393
DO - 10.1109/ICSRS56243.2022.10067393
M3 - Conference contribution
AN - SCOPUS:85151619132
T3 - 2022 6th International Conference on System Reliability and Safety, ICSRS 2022
SP - 145
EP - 156
BT - 2022 6th International Conference on System Reliability and Safety, ICSRS 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th International Conference on System Reliability and Safety, ICSRS 2022
Y2 - 23 November 2022 through 25 November 2022
ER -