Security-based Safety Hazard Analysis using STAMP, STPA & HAZOP: A DAM Case Study

Security and safety emerged as an interconnected concept for Cyber-Physical Systems (CPS). In recent years, CPS witnessed an enormous cyber-attack that endorsed the significance of security over safety of the CPS. Many cyber incidents have been recorded where intruders exploit security vulnerabilities that result in safety hazards. In literature, often times security and safety are discussed as a combined concern. This presses the need to treat security and safety as a mutual apprehension. However, more empirical evidence is required to support this mutuality of security and safety. To close this gap, we conducted an empirical study to identify hazard(s) using several methods including the Systematic Theoretical Accidental Model and Process (STAMP), Systematic Theoretic Process Analysis (STPA), Hazard and Operability Study (HAZOP) of a CPS i.e., case study of a Dam , and to performed the risk management (risk identification, risk analysis and mitigation) for the mentioned case study. Our focus remained on security and safety risks only. As a result, we identified all the possible unsafe control events and their potential hazards along with the severity level. Moreover, we suggested the risk mitigation mechanism against the identified hazards which may contribute to the accidents. This study holds implications for CPS practitioners and researchers exploring risk in CPS.