Inadequate Risk Analysis Might Jeopardize The Functional Safety of Modern Systems

by Kaj Hänninen, et al.

In the early 90s, researchers began to focus on security as an important property to address in combination with safety. Over the years, researchers have proposed approaches to harmonize activities within the safety and security disciplines. Despite the academic efforts to identify interdependencies and to propose combined approaches for safety and security, there is still a lack of integration between safety and security practices in the industrial context, as they have separate standards and independent processes that are often addressed and assessed by different organizational teams and authorities. Specifically, security concerns are generally not covered in any detail in safety standards, which can result in successfully safety-certified systems that remain open to security threats, e.g., malicious actions by internal or external personnel and hackers, that may jeopardize safety. In recent years, security has again been recognized as an important issue in safety assurance as well, since the open, interconnected nature of emerging systems makes them susceptible to security threats to a much higher degree than existing, more confined products.

This article presents initial ideas on how to extend safety work to include aspects of security during the context establishment and initial risk assessment procedures. The ambition of our proposal is to improve safety and to increase the efficiency and effectiveness of the safety work within the frames of the current safety standards, i.e., raised security awareness in compliance with the current safety standards. We believe that our proposal is useful for raising security awareness in industrial contexts, although it is not a complete harmonization of the safety and security disciplines: it merely provides applicable guidance for increasing security awareness in a safety context.
