Bournemouth University

Staff Profile Pages

Integrated Design Framework for Facilitating Systems-Theoretic Process Analysis

Authors: Altaf, A., Faily, S., Dogan, H., Thron, E. and Mylonas, A.

Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volume: 13106 LNCS

Pages: 58-73

eISSN: 1611-3349

ISBN: 9783030954833

ISSN: 0302-9743

DOI: 10.1007/978-3-030-95484-0_4

Abstract:

Systems-Theoretic Process Analysis (STPA) helps mitigate identified safety hazards leading to unfortunate situations. Usually, a systematic step-by-step approach is followed by safety experts irrespective of any software based tool-support, but identified hazards should be associated with security risks and human factors issues. In this paper, a design framework using Integrating Requirements and Information Security (IRIS) and open source Computer Aided Integration of Requirements and Information Security (CAIRIS) tool-support is used to facilitate the application of STPA. Our design framework lays the foundation for resolving safety, security and human factors issues for critical infrastructures. We have illustrated this approach with a case study based on real life Cambrian Coast Line Railway incident.

https://eprints.bournemouth.ac.uk/36925/

Source: Scopus

Integrated Design Framework for Facilitating Systems-Theoretic Process Analysis

Authors: Altaf, A., Faily, S., Dogan, H., Thron, E. and Mylonas, A.

Journal: COMPUTER SECURITY: ESORICS 2021 INTERNATIONAL WORKSHOPS

Volume: 13106

Pages: 58-73

eISSN: 1611-3349

ISBN: 978-3-030-95483-3

ISSN: 0302-9743

DOI: 10.1007/978-3-030-95484-0_4

https://eprints.bournemouth.ac.uk/36925/

Source: Web of Science (Lite)

Integrated Design Framework for Facilitating Systems-Theoretic Process Analysis

Authors: Altaf, A., Faily, S., Dogan, H., Thron, E. and Mylonas, A.

Conference: ESORICS 2021: European Symposium on Research in Computer Security

Volume: 13106

Pages: 58-73

ISBN: 9783030954833

ISSN: 0302-9743

Abstract:

Systems-Theoretic Process Analysis (STPA) helps mitigate identified safety hazards leading to unfortunate situations. Usually, a systematic step-by-step approach is followed by safety experts irrespective of any software based tool-support, but identified hazards should be associated with security risks and human factors issues. In this paper, a design framework using Integrating Requirements and Information Security (IRIS) and open source Computer Aided Integration of Requirements and Information Security (CAIRIS) tool-support is used to facilitate the application of STPA. Our design framework lays the foundation for resolving safety, security and human factors issues for critical infrastructures. We have illustrated this approach with a case study based on real life Cambrian Coast Line Railway incident.

https://eprints.bournemouth.ac.uk/36925/

Source: BURO EPrints