Combined Approach for Safety and Security

With evolution in Cyber-Physical Systems, the dependence and conflicts among dependability attributes (safety, security, reliability, availability etc) have become increasingly complex. We can not consider these dependability attributes in isolation, therefore, combined approaches for safety, security and other attributes are required. In this document, we provide a matrix based approach (inspired from ANP (Analytical Network Process)) for combined risk assessment for safety and security. This approach allows combined risk assessment considering dependence and conflict among attributes. The assessment results for different dependability attributes (such as safety, security etc.) are provided in the ANP matrix. We will discuss approaches such as Fault Tree Analysis (FTA), Stochastic Colored Petri Net (SCPN) Analysis, Attack Tree Analysis (ATA), Failure Mode Vulnerability and Effect Analysis (FMVEA) for evaluation of concerned attributes and achieving our goal of combined assessment.