Proceedings of the

The 33rd European Safety and Reliability Conference (ESREL 2023)
3 – 8 September 2023, Southampton, UK

Safety and Security Integrated Analysis Approaches Considering New Updates for Maritime Systems

Rogério Brito Ramosa and João Batista Camargo Júniorb

Safety Analysis Group, Computer Engineering and Digital Systems Department, University of São Paulo, Brazil.

ABSTRACT

As the modern ships have their operation dependent on information systems, a cyber-attack can impact the safety objectives. Cyber security analysis (related to protection against malicious attack) has become part of the modern design system as well as traditional safety analysis (related to prevention from accidents). However, both disciplines are usually performed in distinct or weak linked processes, which to succeed rely on exhaustive tasks and on the expertise of the analysts. Combined analysis approaches are required to provide a straightforward identification of safety and security issues, once it is possible that a countermeasure to minimize a safety issue can expose a security vulnerability, and a deployment to fix a security question could also bring new safety hazards. The purpose of this paper is to present the characteristics of some selected safety and security integrated analysis approaches applied to a case study with technologies deployed in maritime systems. The results suggested that the approaches can be useful to capture vulnerabilities, hazards and conflicts that could not be detected by a separated or empirical analysis. Another conclusion is that to select a suitable approach should be part of a safety and security analysis process. For future works, those steps can be extended to other types of critical systems.

Keywords: Safety and security integrated, Ship systems, Maritime systems, Cyber Physical System (CPS), Vulnerabilities, Hazards and cybersecurity.



Download PDF