Inadequate Risk Analysis Might Jeopardize The Functional Safety of Modern Systems
August 30, 2018 Β· Declared Dead Β· π arXiv.org
"No code URL or promise found in abstract"
Evidence collected by the PWNC Scanner
Authors
Kaj HΓ€nninen, Hans Hansson, Henrik Thane, Mehrdad Saadatmand
arXiv ID
1808.10308
Category
cs.SE: Software Engineering
Citations
5
Venue
arXiv.org
Last Checked
4 months ago
Abstract
In the early 90s, researchers began to focus on security as an important property to address in combination with safety. Over the years, researchers have proposed approaches to harmonize activities within the safety and security disciplines. Despite the academic efforts to identify interdependencies and to propose combined approaches for safety and security, there is still a lack of integration between safety and security practices in the industrial context, as they have separate standards and independent processes often addressed and assessed by different organizational teams and authorities. Specifically, security concerns are generally not covered in any detail in safety standards potentially resulting in successfully safety-certified systems that still are open for security threats from e.g., malicious intents from internal and external personnel and hackers that may jeopardize safety. In recent years security has again received an increasing attention of being an important issue also in safety assurance, as the open interconnected nature of emerging systems makes them susceptible to security threats at a much higher degree than existing more confined products.This article presents initial ideas on how to extend safety work to include aspects of security during the context establishment and initial risk assessment procedures. The ambition of our proposal is to improve safety and increase efficiency and effectiveness of the safety work within the frames of the current safety standards, i.e., raised security awareness in compliance with the current safety standards. We believe that our proposal is useful to raise the security awareness in industrial contexts, although it is not a complete harmonization of safety and security disciplines, as it merely provides applicable guidance to increase security awareness in a safety context.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Software Engineering
R.I.P.
π»
Ghosted
R.I.P.
π»
Ghosted
Microservices: yesterday, today, and tomorrow
π
π
The Cartographer
A Survey of Machine Learning for Big Code and Naturalness
R.I.P.
π»
Ghosted
An Overview on Smart Contracts: Challenges, Advances and Platforms
R.I.P.
π»
Ghosted
Slither: A Static Analysis Framework For Smart Contracts
R.I.P.
π»
Ghosted
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
Died the same way β π» Ghosted
R.I.P.
π»
Ghosted
Federated Learning: Strategies for Improving Communication Efficiency
R.I.P.
π»
Ghosted
In-Datacenter Performance Analysis of a Tensor Processing Unit
R.I.P.
π»
Ghosted
Deep Convolutional Neural Networks for Computer-Aided Detection: CNN Architectures, Dataset Characteristics and Transfer Learning
R.I.P.
π»
Ghosted