Abstract
Emerging technologies, like self-driving cars, drones, and the Internet-of-Things, must not pose threats to people, neither due to accidental failures (safety) nor due to malicious attacks (security). As historically separated fields, safety and security are often analyzed in isolation. They are, however, heavily intertwined: measures that increase safety often decrease security and vice versa. Also, security vulnerabilities often cause safety hazards, e.g. in autonomous cars. Therefore, for effective decision-making, safety and security must be considered in combination.
This paper discusses three major challenges that a successful integration of safety and security faces: (1) the complex interaction between safety and security; (2) the lack of efficient algorithms to compute system-level risk metrics; (3) the lack of proper risk quantification methods. We will point out several research directions to tackle these challenges, exploiting novel combinations of mathematical game theory, stochastic model checking, as well as the Bayesian, fuzzy, and Dempster-Shafer frameworks for uncertainty reasoning. Finally, we report on early results in these directions.
Original language | English |
---|---|
Title of host publication | Model Checking Software. SPIN 2021 |
Subtitle of host publication | 27th International Symposium, SPIN 2021, Virtual Event, July 12, 2021, Proceedings |
Editors | Alfons Laarman, Ana Sokolova |
Publisher | Springer |
Pages | 3-21 |
Number of pages | 19 |
ISBN (Electronic) | 978-3-030-84629-9 |
ISBN (Print) | 978-3-030-84628-2 |
Publication status | Published - 3 Aug 2021 |
Event | 27th International SPIN Symposium on Model Checking of Software, SPIN 2021 - Virtual Conference; Duration: 14 Jul 2021 → 15 Jul 2021; Conference number: 27 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 12864 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 27th International SPIN Symposium on Model Checking of Software, SPIN 2021 |
---|---|
Abbreviated title | SPIN 2021 |
City | Virtual Conference |
Period | 14/07/21 → 15/07/21 |
Keywords
- Safety
- Security
- Model-based
- Interaction
- Fault trees
- Attack trees
- Fault tree-attack tree integration
- 22/2 OA procedure