Christophe Ponsard, Jeremy Grandclaudon, Philippe Massonet, Mounir Touzani, Assessment of Emerging Standards for Safety and Security Co-Design on a Railway Case Study. MEDI Workshops 2018 : 130-145, Marrakech, October 23, 2018
Design for safety-critical software intended for domains like transportation or medical systems is known to be difficult but is required to give a sufficient level of assurance that the system will not harm or kill people. To add to the difficulty, systems have now become highly connected and are turning into cyber-physical systems. This results in the need to address intentional cyber security threats on top of risks related to unintentional software defects. Different approaches are being defined to co-engineer both software security and safety in a consistent way. This paper aims at providing a deeper understanding of those approaches and the evolution of related standards by analysing them using a sound goal-oriented framework that can model both kind of properties and also reason on them in a risk-oriented way. In the process interesting co-design patterns are also identified and discussed. The approach is driven by a real world open specification from the railways.