
Project

Techniques and measures to co-engineer safety and security in digital systems applied in operational technology environments

The impact of cyber crime on companies is increasing every year, and the average damage per successful attack is estimated at a staggering €441000 in 2018 [1]. This impact is much more pronounced in operational technology (OT) environments, since OT devices and systems are usually designed to keep industrial plants and factories operational with minimal downtime over a long period, usually 10-20 years. It is a tremendous challenge when these OT devices and systems, mostly running outdated software/firmware and initially designed as air-gapped or standalone installations, are made accessible through the web. Developing digital systems today is therefore not an easy task, as both safety and cybersecurity must be taken into account, and these two domains have matured independently. Safety has been regulated (through laws and standards) for several decades in the OT context, while cybersecurity has only been regulated more recently, and much of the experience in this regard comes from Information Technology (IT) systems.

In this PhD work, the focus is on the Functional Safety aspect of developing safe and secure digital systems. By analyzing established safety standards, such as IEC 61508 and EN 50128, and recent co-engineering initiatives such as ISO/TR 4804, which take both safety and cybersecurity into account, the safety landscape that digital systems of the future have to comply with will be laid out across application domains. Using this knowledge, the impact of safety requirements on cybersecurity will be determined and reported. Using several use cases from industrial partners, established risk analysis and risk reduction techniques are evaluated and improved upon. To merge this safety knowledge with cybersecurity, a co-engineering development process will be created.

[1] (2021) Proximus Cybersecurity Survey. https://cybersecurity.proximus.be/onderzoeksrapport2021/onderzoeksrapport-cybersecurity

Date: 8 Feb 2022 → Today
Keywords: Functional safety, Cybersecurity, Risk reduction techniques
Disciplines: Product safety, Software engineering, Embedded and real-time systems
Project type: PhD project