JIS Vol. 11 No. 4, October 2020
Concepts of Safety Critical Systems Unification Approach & Security Assurance Process
Abstract: The security assurance of computer-based systems that rely on safety and security assurance properties, such as consistency, durability, efficiency and accessibility, requires resources. This work targets System-of-Systems (SoS) problems, with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information system. This research addresses security and information assurance for safety-critical systems, where security and safety are addressed before the actual implementation/development phase for component-based systems. For this purpose, we require a conceptual idea or strategy that deals with application logic security assurance issues. Such a strategy may explore a vulnerability in a single component or in the reuse of a specification in existing logic in a component-based system. In view of this situation, we have defined seven concepts of security assurance and a security assurance design strategy for safety-critical systems.
Cite this paper: Nabi, F., Yong, J., Tao, X., Malhi, M., Mahmood, U. and Iqbal, U. (2020) Concepts of Safety Critical Systems Unification Approach & Security Assurance Process. Journal of Information Security, 11, 292-303. doi: 10.4236/jis.2020.114018.
