Integrated Design Framework for Facilitating Systems-Theoretic Process Analysis

Altaf, Amna, Faily, Shamal, Dogan, Huseyin, Thron, Eylem and Mylonas, Alexios (2022) Integrated Design Framework for Facilitating Systems-Theoretic Process Analysis. In: Computer Security. ESORICS 2021 International Workshops - CyberICPS, SECPRE, ADIoT, SPOSE, CPS4CIP, and CDT and SECOMANE, 2021-10-04 - 2021-10-08.

Copy

Systems-Theoretic Process Analysis (STPA) helps mitigate identified safety hazards leading to unfortunate situations. Usually, a systematic step-by-step approach is followed by safety experts irrespective of any software based tool-support, but identified hazards should be associated with security risks and human factors issues. In this paper, a design framework using Integrating Requirements and Information Security (IRIS) and open source Computer Aided Integration of Requirements and Information Security (CAIRIS) tool-support is used to facilitate the application of STPA. Our design framework lays the foundation for resolving safety, security and human factors issues for critical infrastructures. We have illustrated this approach with a case study based on real life Cambrian Coast Line Railway incident.

Item Type	Conference or Workshop Item (Other)
Identification Number	10.1007/978-3-030-95484-0_4
Additional information	© 2022 Springer Nature Switzerland AG. This is the accepted manuscript version of a conference paper which has been published in final form at https://doi.org/10.1007/978-3-030-95484-0_4
Keywords	cairis, human factors, iris, rail infrastructure, safety hazards, security risks, stpa, theoretical computer science, general computer science
Date Deposited	15 May 2025 16:47
Last Modified	09 Apr 2026 00:17