Managing complexity and uncertainty of system safety and cyber security using SSAF

This abstract has open access
Abstract Summary

(Note: This paper follows on from the paper presented last year at ISSC. This new paper provides more technical detail, i.e. the "how", for the integration framework.)

There are many approaches to solving the safety-security integration problem. Regulatory bodies have also attempted to unify safety-security co-assurance through creating coherent standards. Indeed, there are examples of complementary standards in several domains such as industrial control, aerospace, defence, and healthcare. However, many of these are partial solutions that only look at a specific aspect of the interaction, and do not address interactions at each stage of the system lifecycle. These partial solutions are insufficient for co-assurance because they reveal a limited number of gaps and make it difficult to have confidence that an acceptable level of assurance has been reached. What is required to solve these challenges is a model of attribute co-assurance that allows for separation of concerns, and the ability to incorporate new information and to propagate the impact across the attributes.

The Safety-Security Assurance Framework (SSAF) will be presented as a candidate solution, with a small case study to exemplify its application. SSAF relies on the new paradigm of independent co-assurance, i.e. separated but interconnected concerns. It is possible to maintain separate teams, separate models and separate processes, but still exchange the right information at the right time. SSAF also enables practitioners to explore the subtle ways in which socio-technical system interactions make assuring safety and security more difficult.

In this way, changes (e.g. new vulnerabilities) can be responded to more effectively, and assurance in system safety and security maintained. In addition, SSAF has the potential to inform co-assurance standards of the future by providing a structure to analyse the interactions in detail.

Submission ID: ISSC37-6677
Affiliation: University of York, Assuring Autonomy International Programme
