STPA-SafeSec:Safety and security analysis for cyber-physical systems

Friedberg, Ivo and McLaughlin, Kieran and Smith, Paul and Laverty, David M. and Sezer, Sakir (2017) STPA-SafeSec:Safety and security analysis for cyber-physical systems. Journal of Information Security and Applications, 34 (2). pp. 183-196. ISSN 2214-2126

Full text not available from this repository.


Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today's critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.

Item Type:
Journal Article
Journal or Publication Title:
Journal of Information Security and Applications
Uncontrolled Keywords:
Research Output Funding/no_not_funded
ID Code:
Deposited By:
Deposited On:
14 Aug 2023 08:20
Last Modified:
15 Sep 2023 01:36