Security-Informed Safety Case Approach to Analysing MILS Systems
Authors
Abstract
Safety cases are the development foundation for safety-critical systems and are often quite complex to understand depending on the size of the system and operational conditions. The recent advent of security aspects complicates the issues further. This paper describes an approach to analysing safety and security in a structured way and creating security-informed safety cases that provide justification of safety taking into particular consideration the impact of security. The paper includes an overview of the structured assurance case concept, a security-informed safety methodology and a layered approach to constructing cases. The approach is applied to a Security Gateway that is used to control data flow between security domains in a separation kernel based operating system in an avionics environment. We show that a clear and structured way of presenting a safety case combining safety and security helps in understanding important interactions, taking their impact into account, and hence increases safety.
General Terms: Design, Security, Theory.
Similar references
The MILS architecture for high-assurance embedded systems
High-assurance systems require a level of rigor, in both design and analysis, not typical of conventional systems. This paper provides an overview of the Multiple Independent Levels of Security and Safety (MILS) approach to high-assurance system design for security and safety critical embedded systems. MILS enables the development of a system using manageable units, each of which can be analyze...
Design, implementation and verification of MILS systems
Safety-critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. To prevent data access by unauthorized subjects, they must protect and isolate information so that only allowed entities can read or write information. However, due to their increased number of functionalities, safety-critical systems design becomes more comp...
Design, Verification and Implementation of MILS systems
Safety-critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. These systems must protect data so that only allowed entities can read or write information. However, due to their increased number of functionalities, safety-critical systems design becomes more complex; this increases difficulties in the design and the ver...
Dependable By Construction: Cyber-Physical Systems to Bet Your Life On
Cyber-physical systems will touch many aspects of life, and lives will depend on them: on the road, in the air, on rails, and in the operating room. We are concerned with the efficient construction of cyber-physical systems, and of the assurances required to place lives within their scope of control. We have been investigating a framework for an approach to safety- and security-critical systems kn...
Specifying and enforcing a multi-policy paradigm for high assurance multi-enclave systems
One fundamental key to successful implementation of secure high assurance computer systems is the design and implementation of security policies. For systems enforcing multiple concurrent policies, the design and implementation is a challenging and difficult task. To simplify this task, we present an Inter-Enclave Multi-Policy (IEMP) paradigm for information access of the Multiple Independent L...