Handbook of System Safety and Security
eBook - ePub

Cyber Risk and Risk Management, Cyber Security, Threat Analysis, Functional Safety, Software Systems, and Cyber Physical Systems

  1. 300 pages
  2. English
  3. ePUB (mobile friendly)

About this book

Handbook of System Safety and Security: Cyber Risk and Risk Management, Cyber Security, Adversary Modeling, Threat Analysis, Business of Safety, Functional Safety, Software Systems, and Cyber Physical Systems presents an update on the world's increasing adoption of computer-enabled products and the essential services they provide to our daily lives. The tailoring of these products and services to our personal preferences is expected and made possible by intelligence that is enabled by communication between them. Ensuring that the systems of these connected products operate safely, without creating hazards to us and those around us, is the focus of this book, which presents the central topics of current research and practice in systems safety and security as it relates to applications within transportation, energy, and the medical sciences.
Each chapter is authored by one of the leading contributors to the current research and development on the topic. The perspective of this book is unique, as it takes the two topics, systems safety and systems security, as inextricably intertwined. Each is driven by concern about the hazards associated with a system's performance.
• Presents the most current and leading edge research on system safety and security, featuring a panel of top experts in the field
• Includes several research advancements published for the first time, including the use of 'goal structured notation' together with a 'judgment calculus' and their automation as a 'rule set' to facilitate systems safety and systems security process execution in compliance with existing standards
• Presents for the first time the latest research in the field with the unique perspective that systems safety and systems security are inextricably intertwined
• Includes coverage of systems architecture, cyber physical systems, tradeoffs between safety, security, and performance, as well as the current methodologies and technologies and implementation practices for system safety and security

Part I: Systems

1 Editor’s Preface

E. Griffor, National Institute of Standards and Technology (NIST), Gaithersburg, MD, United States
A system is a set of interacting components that frequently form a complex whole. Each system has both spatial and temporal boundaries. Systems operate in, are influenced by, and influence their environment. A system can be described structurally, as a set of components and their interactions, or by reference to its purpose. Alternatively, a system can be referenced in terms of its functions and behaviors.
The notion of a system is ubiquitous. It is not simply a technical concept but it lies at the heart of how the mind deals with and conceives of and understands the surrounding world. It is the essence of how we design and build or make things and how we ultimately garner assurance about their behavior. Indeed, the phrase “what we make, makes us” captures a fundamental truth about the relationship between the act of altering our world and how it is we understand that world—we make the world over in the image of our thoughts. Thought, through sensing and perception and abstraction or conception, strives to bring order to our experience.
But what of the case where the products of significantly different ways of thinking begin to interact? Their interactions are not likely to meet the purposes of any of the designers. What about a world of systems that are allowed to interact, despite the fact that they were not engineered to do so, that they were not intended to do so? This is the world we live in, where the Internet provides ubiquitous and unhindered connectivity, possibilities for interaction and composition. Some of the ways these systems interact were intended (or by design), but so many others were not intended or designed. Sometimes the results are beneficial, but sometimes they have the potential for harm; they are hazardous. The hazards associated with this type of emergent system behavior may result in harm to person and property—this is the topic of system safety. Additionally, a system may be vulnerable, may be subject to unauthorized access and modification—this is the topic of system security.
In this preface to the Handbook of System Safety and Security, we discuss the concept of a system, system safety and security and review the chapter topics.

1.1 The Need for a Broadly Targeted Handbook of System Safety and Security

The word system is overloaded, that is, has different meanings to different people. The effort to understand a particular system leads one to ask a few key questions:
• What are the components or parts of the system?
• What are the interactions between the system’s components?
• What are its spatial and temporal boundaries?
• What is its environment?
• What is its structure?
• What function or functions does the system perform?
The interactions between systems, due to the connectivity between systems and to their environment, including human operators, complicate the answers to questions about system safety and security. For example, our need to monitor, measure and control must take into account system connectivity. Hence there is a need to revisit traditional approaches to design for critical concerns such as safety and security. There are also new costs associated with this change in approach. Costs can range from additional component cost, to time delays, to process disruption until new mechanisms are streamlined in. In other words, revisiting these topics must be done from the perspective of all risks.
Though our understanding of systems, as they are rapidly being deployed in our communities and in our nations and across the sectors of the economy, is changing and our approaches to the topics of safety and security are correspondingly diverse, there is a need to begin a broader dialog in order to keep pace with these developments in technology, business, and government. For this reason, the chapters of this Handbook reflect the perspectives of experts in each of these sectors. The topics of the chapters are a selection, some technical and others business- and policy-related. It is the hope of the editor, and the contributors, that this volume will serve to inform and stimulate cross-disciplinary discussion, study and research on system safety and security.

Part I: Systems

Chapter 1: Editor’s Preface and Introduction—Edward Griffor

Chapter 1 contains a preface and a brief introduction to the concept of a system, including a discussion of cyber-physical systems (CPS), more commonly known as the Internet of Things (IoT). CPS are systems that include both logical operations (such as control and feedback) and physical interactions, such as gathering information from the physical realm using sensors or taking an action or actuating that impacts the physical realm. CPS and IoT are the focus of current discussions due to the accelerating deployment of information systems to become the “smarts” of business, industry, government, as well as our cities and nation.
Finally, we discuss the concepts of system safety and security that are treated in this volume and how they relate to one another.

Chapter 2: Composition and Compositionality in CPS—Janos Sztipanovits, Ted Bapty, Zsolt Lattmann, and Sandeep Neema

Chapter 2 introduces composition and compositionality of systems, one of the key challenges to our understanding of systems and of their behaviors. These two notions raise the important questions about how to study and how to gain confidence about the composition of systems.
Cyber-physical systems (CPS) are engineered systems where functionalities and essential properties emerge through the interaction of physical and computational components. One of the key challenges in the engineering of CPS is the integration of heterogeneous concepts, tools, and languages. In order to address these challenges, the authors review a model-integrated development approach for CPS design that is characterized by the pervasive usage of modeling throughout the design process, including application models, platform models, physical system models, environment models, and models of interaction between these modeling aspects. The authors also discuss embedded systems where both the computational processes and the supporting architecture are modeled in a common modeling framework.

Chapter 3: Software Engineering for Model-Based Development by Domain Experts—Monika Bialy, Vera Pantelic, Jason Jaskolka, Alexander Schaap, Lucian Patcas, Mark Lawford, and Alan Wassyng

Chapter 3 discusses the model-based development (MBD) practices that have impacted the development of embedded software in many industries, especially in safety-critical domains. The models are typically described using domain-specific languages and tools that are readily accessible to domain experts. Domain experts, despite not having formal software engineering training, find themselves creating models from which embedded code is generated and therefore contributing to the design and coding activities of software development. This new role of the domain experts can create new and different dynamics in the interactions with software engineers, and in the development process. In this chapter, the authors describe their experiences as software engineers in multiyear collaborations with domain experts from the automotive industry, who are developing embedded software using the MBD approach. The authors aim to provide guidelines meant to strengthen the collaboration between domain experts and software engineers, in order to improve the quality of embedded software systems, including the safety and security of their systems.

Part II: Perspectives on Safety and Security

Chapter 4: Evolving Security—Anuja Sonalker and Edward Griffor

The topic of system security, and in particular that of cybersecurity, differs in a critical way from the other concerns we have about systems. Though concerns like safety and resilience do have challenges associated with design, realization, and validation to an ever changing operating environment, security faces an ever evolving adversary. When faced with constantly changing conditions under which a system must continue to deliver its function, designers attempt to model those conditions and test their design against that model. Modeling also becomes important from a measurement standpoint. In order to assess systems and determine their overall risk, their overall security posture, design countermeasures, and then re-assess systems to determine the effectiveness of countermeasures in a provable, reproducible, repeatable quantitative manner, we must be able to model the security, vulnerability, and risk of these systems.
In this chapter the authors introduce new modes of modeling for security adversaries and discuss some basic foundations for adversary modeling. They also discuss how connectivity of systems increases the complexity of system interactions. These complexities also need to be identified and modeled to understand the derivative effect on the overall security posture.

Chapter 5: The Business of Safety—Joseph D. Miller

Chapter 5 discusses system safety from the perspective of system producers. The author illustrates the practice of product or system safety, using the example of system safety in the automobile industry.
Automobiles are some of the most widely deployed, complex systems in our society. While their drivers have a minimal amount of preparation or training to operate them, these systems are growing more complex by the day. Current aspirations are to deploy connected, autonomous vehicles. All involved will face challenges. The title of this chapter “The Business of Safety” is intended to address and discuss several questions, like: What is system safety about? What is it made up of? What do people in this “business” do? What are their fundamental activities and concerns? What do they need to carry on their business? What do they actually produce and how does that relate to the other activities necessary for producing the whole product, other activities necessary for producing the product and addressing other relevant concerns?

Chapter 6: Cybersecurity for Commercial Advantage—James M. Kaplan

Many elements of the work required for a business’s offerings are viewed as noncommercial, such as cybersecurity. They are regarded by business managers simply as an additional cost that...

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. About the Editor
  7. About the Contributors
  8. Introduction
  9. Part I: Systems
  10. Part II: Perspectives on Safety and Security
  11. Part III: Applications of System Safety and Security
  12. Index