Analysing Information Integrity Requirements in Safety Critical Systems

Organizations' assets are subject to different threats; which are addressed, usually, by different security solutions. Nonetheless i * modeling language was not developed with security in mind, which motivated the development of other languages (e.g., Si*) that focused on capturing the security requirements (e.g., privacy) of the system-to-be, but far less attention has been paid for capturing information integrity requirements. Capturing information integrity requirements represents an important need for safety critical systems, where depending on incorrect or inconsistent information may lead to disasters and loss of humans' lives (e.g., Air Traffic Control Management Systems). In this paper we present a novel methodology for developing safety critical systems that extends i */Si* modeling languages with the required concepts and primitives for modeling and analyzing the requirements of safety critical systems, with a special emphasis on information integrity requirements.