A systematic co-engineering of safety and security analysis in requirements engineering process
Sejin Jung,
Junbeom Yoo and
Sam Malek
International Journal of Critical Infrastructure Protection, 2023, vol. 43, issue C
Abstract:
Co-engineering safety and security is increasingly important in safety-critical systems as more diverse, interacting functions are implemented in software. Many studies have tried to perform safety and security analyses either in a unified way or in parallel. The unified approach requires a more complex analysis with new and delicate methods, while the parallel approach needs an additional integration activity to harmonize the results of the separate safety and security analyses. This paper aims to make that harmonization activity seamless and systematic within a typical requirements engineering process for safety-critical systems. It encompasses requirements elicitation and analysis as well as safety and security analyses, regardless of which analysis techniques are used. The paper suggests performing an appropriate safety analysis first to derive safety requirements as summary information. A goal-tree analysis then refines the high-level safety requirements into lower-level ones, on which any security analysis can work to derive security requirements. Another goal-tree analysis refines the high-level security requirements into specific functional ones, which ends the analysis activity of one cycle of the requirements engineering process. The sequence of safety analysis, goal-tree refinement, security analysis and a second goal-tree refinement is iterated seamlessly within the requirements engineering process, so that any conflict between requirements has an opportunity to be resolved. Our case study of a simplified UAV example uses STPA and STRIDE for the safety and security analyses respectively, and shows that the proposed approach is applicable up to industrial-scale cases.
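The cycle the abstract describes (a safety analysis yielding safety constraints, goal-tree refinement into functional leaves, a security analysis over those leaves, a second refinement into functional security controls, and a conflict check that feeds the next iteration) is easiest to see as data. The following is an added illustration, not code from the paper or its authors: STPA and STRIDE are reduced to table lookups so that the cycle itself stays visible, and the UAV hazards, data flows, STRIDE mapping, controls and latency figures are all constructed assumptions. The conflict modelled is the one a practitioner most often meets at this seam: a security control on a command link costs time that a safety requirement on the same link has budgeted away.

```python
"""Goal-tree model of one safety/security co-engineering cycle.

Illustrative code, not the paper's tooling. STPA and STRIDE are reduced to
table lookups; the UAV hazards, data flows, controls and latency figures are
constructed for the example and are assumptions, not measurements.
"""
from dataclasses import dataclass, field
from typing import Iterator, List, Optional, Tuple


@dataclass
class Goal:
    gid: str
    text: str
    kind: str                           # "safety" | "security" | "functional"
    flow: Optional[str] = None          # external data flow the goal depends on
    threat: Optional[str] = None        # STRIDE category (security goals only)
    latency_ms: Optional[int] = None    # budget for safety leaves, cost for controls
    children: List["Goal"] = field(default_factory=list)

    def refine(self, child: "Goal") -> "Goal":
        self.children.append(child)
        return child

    def leaves(self) -> Iterator["Goal"]:
        if not self.children:
            yield self
        for child in self.children:
            yield from child.leaves()


# --- constructed UAV inputs (all assumed) ---------------------------------
HAZARDS = ["collision with terrain", "loss of control on command-link loss"]

# Goal-tree refinement of each safety constraint: (text, data flow, budget ms).
SAFETY_REFINEMENT = {
    "SR-1": [("Abort mission on geofence breach", "gcs_link", 100),
             ("Hold altitude above terrain-map minimum", None, None)],
    "SR-2": [("Enter return-to-home within 200 ms of link timeout", "gcs_link", 200),
             ("Execute emergency stop within 50 ms of receipt", "gcs_link", 50)],
}
# STRIDE categories assumed applicable to each external data flow.
FLOW_THREATS = {"gcs_link": ["Spoofing", "Tampering", "Denial of service"]}
# Controls chosen in iteration 1: (functional requirement, per-frame cost ms).
CONTROLS_ITER1 = {
    "Spoofing": ("Verify a public-key signature on every command frame", 40),
    "Tampering": ("Reject frames whose signature/MAC check fails", 0),
    "Denial of service": ("Rate-limit command frames; fail safe on flood", 15),
}
# Iteration 2: the signature is swapped for an HMAC under a pre-shared session key.
CONTROLS_ITER2 = dict(CONTROLS_ITER1,
                      Spoofing=("Verify an HMAC on every command frame", 5))


def stpa_constraints(hazards: List[str]) -> List[Goal]:
    """Step 1 (STPA, simplified): one safety constraint per hazard."""
    return [Goal(f"SR-{i}", f"Prevent {h}", "safety") for i, h in enumerate(hazards, 1)]


def refine_safety(safety: List[Goal], refinement) -> List[Goal]:
    """Step 2: goal-tree refinement of high-level safety requirements."""
    for sr in safety:
        for j, (text, flow, budget) in enumerate(refinement.get(sr.gid, []), 1):
            sr.refine(Goal(f"{sr.gid}.{j}", text, "functional", flow=flow, latency_ms=budget))
    return safety


def stride_requirements(safety: List[Goal], flow_threats) -> List[Goal]:
    """Step 3 (STRIDE, simplified): one security requirement per (flow, threat)
    pair over the data flows the refined safety leaves depend on."""
    sec = {}
    for leaf in (l for sr in safety for l in sr.leaves()):
        for threat in flow_threats.get(leaf.flow, []):
            if (leaf.flow, threat) not in sec:
                sec[(leaf.flow, threat)] = Goal(f"SEC-{len(sec) + 1}", f"Counter {threat} on {leaf.flow}",
                                                "security", flow=leaf.flow, threat=threat)
    return list(sec.values())


def refine_security(security: List[Goal], controls) -> List[Goal]:
    """Step 4: refine each security requirement into a functional control."""
    for sg in security:
        text, cost = controls[sg.threat]
        sg.refine(Goal(f"{sg.gid}.1", text, "functional", flow=sg.flow, latency_ms=cost))
    return security


def find_conflicts(safety: List[Goal], security: List[Goal]) -> List[Tuple[str, int, int]]:
    """Timing conflicts: the controls attached to a flow must fit inside the
    latency budget of every safety leaf that depends on that flow."""
    conflicts = []
    for leaf in (l for sr in safety for l in sr.leaves()):
        if leaf.flow is None or leaf.latency_ms is None:
            continue
        cost = sum(c.latency_ms or 0 for sg in security if sg.flow == leaf.flow for c in sg.leaves())
        if cost > leaf.latency_ms:
            conflicts.append((leaf.gid, leaf.latency_ms, cost))
    return conflicts


def run_cycle(hazards, refinement, flow_threats, controls):
    """One iteration of the cycle; the returned conflicts drive the next one."""
    safety = refine_safety(stpa_constraints(hazards), refinement)
    security = refine_security(stride_requirements(safety, flow_threats), controls)
    return safety, security, find_conflicts(safety, security)


if __name__ == "__main__":
    for label, controls in (("iteration 1", CONTROLS_ITER1), ("iteration 2", CONTROLS_ITER2)):
        _, _, conflicts = run_cycle(HAZARDS, SAFETY_REFINEMENT, FLOW_THREATS, controls)
        print(label, "conflicts:", conflicts or "none")
```

In the first iteration the signature check plus rate limiting cost 55 ms per frame on the command link, which breaks the 50 ms emergency-stop budget of leaf SR-2.2 while the 100 ms and 200 ms leaves still fit; the conflict is reported, not silently resolved. The second iteration records the engineering decision (a MAC under a session key instead of an asymmetric signature) as a changed control table and re-runs the same four steps, which is how the abstract's "opportunity to be resolved" turns into a repeatable check rather than a review-meeting note.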
Keywords: Co-engineering; Safety analysis; Security analysis; Goal-tree analysis; Requirements engineering; Safety-critical systems
Date: 2023
Downloads: http://www.sciencedirect.com/science/article/pii/S1874548223000550 (full text for ScienceDirect subscribers only)
Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:43:y:2023:i:c:s1874548223000550
DOI: 10.1016/j.ijcip.2023.100642
International Journal of Critical Infrastructure Protection is currently edited by Leon Strous