Title :
Practical extensions of safety critical engineering processes for securing industrial control systems
Author :
Oates, R. ; Foulkes, D. ; Herries, G. ; Banham, D.
Author_Institution :
Rolls-Royce Software Centre of Excellence, Derby, UK
Abstract :
Industrial control systems are commonly used in situations where the users of such systems would be at risk without adequate safety-specific design considerations. The demand for distributed monitoring and management functionality has driven an increase in the connectivity of safety critical systems. Consequently, the risk posed by cyber security concerns has also increased. Safety engineering is driven by legal and industrial demands, but security engineering can be difficult to justify financially in the functionally driven environment of industrial control systems. Identifying links between the safety engineering process and the security engineering process makes it possible to reuse data and maximise the overlap between engineering processes, reducing costs and taking full advantage of domain knowledge. This work presents a first step towards creating a combined framework for both security and safety design considerations. Practical recommendations for linking the safety and security engineering processes using state-of-the-art techniques are made and discussed, including a novel combination of SysML profiles to address safety and security under the separation of concerns paradigm. The proposed technique is explored from the perspective of how linking such models impacts engineering processes. Particular attention is given to the orthogonal (or otherwise) nature of the information that each system perspective requires and the practicality of sharing information (directly or through transformation) from one system view to another.
Keywords :
Unified Modeling Language; safety-critical software; SysML profiles; cyber security concerns; distributed monitoring; industrial control system; management functionality; safety critical engineering process; safety critical systems; security engineering process; Control; Cyber Security; Safety; SysML;
Conference_Title :
System Safety Conference incorporating the Cyber Security Conference 2013, 8th IET International
Conference_Location :
Cardiff
Electronic_ISBN :
978-1-84919-778-6
DOI :
10.1049/cp.2013.1704