Design of critical cyber-physical systems jointly addressing safety, security, and performance concerns and using STPA and SysML

Abstract

Today's critical cyber-physical systems are characterized by increasing automation, computational power, communication, and structural and functional integration. These systems involve processing and storage units, mechanical and electrical components, sensors, actuators, and communication networks. In this integration, the software is the dominant part. Two recurring concerns in developing cyber-physical systems are safety and security. The systems we are building are becoming more complex due to not only technical but also sociological, legal, and political aspects. Development requires the participation of many stakeholders, such as processing and storage providers, network providers, certification authorities, service providers, solution developers, operators, and administrators. STAMP and STPA can be used to enable safety and security at the concept stage and generate the functional, safety, and security requirements. There are approaches to dealing with conflicts and reinforcements between the constraints derived from safety and security requirements at the system concept stage. Performance requirements are usually dealt with in the design phase and are derived from system, functional, and safety requirements. Mechanisms to meet safety, security, and performance requirements include a variety of hardware, software, protocols, procedures, and any item that in isolated or in combined form meets the requirements. In identifying the mechanisms, we have to take into account that the new mechanisms can affect the efficiency and effectiveness of the already identified mechanisms. However, there are few works on how to integrate STPA with the design techniques in a systematic way to deal with requirements and mechanisms not only of safety and security but also of performance. We conjecture that for systematization, some common form of specification is necessary. Given the characteristics of critical cyber-physical systems, the SysML language and the model-based development approach can be used. Systems Modeling Language (SysML) is a general-purpose modeling language for systems engineering applications that supports the specification, analysis, design, verification, and validation of systems. The objective of this project proposal is to investigate and propose a design method for cyber-physical systems, which uses the STPA analysis results to generate SysML design models that jointly consider the requirements and mechanisms of safety, security, and performance. The proposal also aims to propose analysis techniques of mechanisms that consider conflicts and reinforcements to meet safety, security, and performance requirements. (AU)