Emerging technologies, like self-driving cars, drones, and the Internet-of-Things must not impose threats to people, neither due to accidental failures (safety), nor due to malicious attacks (security). As historically separated fields, safety and security are often analyzed in isolation. They are, however, heavily intertwined: measures that increase safety often decrease security and vice versa. Also, security vulnerabilities often cause safety hazards, e.g. in autonomous cars. Therefore, for effective decision-making, safety and security must be considered in combination. This paper discusses three major challenges that a successful integration of safety and security faces: (1) The complex interaction between safety and security (2) The lack of efficient algorithms to compute system-level risk metrics (3) The lack of proper risk quantification methods. We will point out several research directions to tackle these challenges, exploiting novel combinations of mathematical game theory, stochastic model checking, as well as the Bayesian, fuzzy, and Dempster-Schafer frameworks for uncertainty reasoning. Finally, we report on early results in these directions.
The Marriage Between Safety and Cybersecurity: Still Practicing / Stoelinga, Mariëlle; Kolb, Christina; Nicoletti, Stefano M.; Budde, Carlos E.; Moritz Hahn, Ernst. - ELETTRONICO. - 12864:(2021), pp. 3-21. (Intervento presentato al convegno 27th International Symposium on Model Checking Software, SPIN 2021 tenutosi a Online nel July 12, 2021) [10.1007/978-3-030-84629-9_1].
The Marriage Between Safety and Cybersecurity: Still Practicing
Carlos E. Budde;
2021-01-01
Abstract
Emerging technologies, like self-driving cars, drones, and the Internet-of-Things must not impose threats to people, neither due to accidental failures (safety), nor due to malicious attacks (security). As historically separated fields, safety and security are often analyzed in isolation. They are, however, heavily intertwined: measures that increase safety often decrease security and vice versa. Also, security vulnerabilities often cause safety hazards, e.g. in autonomous cars. Therefore, for effective decision-making, safety and security must be considered in combination. This paper discusses three major challenges that a successful integration of safety and security faces: (1) The complex interaction between safety and security (2) The lack of efficient algorithms to compute system-level risk metrics (3) The lack of proper risk quantification methods. We will point out several research directions to tackle these challenges, exploiting novel combinations of mathematical game theory, stochastic model checking, as well as the Bayesian, fuzzy, and Dempster-Schafer frameworks for uncertainty reasoning. Finally, we report on early results in these directions.File | Dimensione | Formato | |
---|---|---|---|
paper_submitted.pdf
accesso aperto
Descrizione: Article camera-ready
Tipologia:
Post-print referato (Refereed author’s manuscript)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
739.42 kB
Formato
Adobe PDF
|
739.42 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione