INSpIRA: INtegrating Security Into Risk Assessment

摘要

Today's software and hardware technologies enable the expansion of Cyber-Physical Systems (CPSs) into the realms of mobility (car2x, autonomous driving), energy (power plants, smart grid) and healthcare (health monitoring), paving the way into a highly interlaced world. However, this also dramatically broadens the threat landscape for potential attacks on CPSs. The malfunction of these CPSs could threaten human life, cause environmental damage and major fnancial loss. This drives the need for comprehensive methods that support the cross-domain design, development and implementation of safe and secure systems. In order to tackle these challenges, this paper proposes a method called INSpIRA, a method for INtegrating Security Into Risk Assessment, including a toolchain implementing the method. The envisioned method is supposed to be a holistic approach that supports the efcient crossdomain design, development, implementation and maintenance of dependable CPSs, where security and safety are a critical aspect that requires an in-depth risk assessment.