Data-flow-based adaption of the System-Theoretic Process Analysis for Security (STPA-Sec)
PeerJ Computer Science (IF 3.5), published 2021-02-03, DOI: 10.7717/peerj-cs.362
Jinghua Yu, Stefan Wagner, Feng Luo
Security analysis is an essential activity in security engineering: it identifies potential system vulnerabilities and specifies security requirements in the early design phases. Because modern systems are increasingly complex, traditional approaches lack the power to identify insecure incidents that arise from complex interactions among physical systems, humans and social entities. By contrast, the System-Theoretic Process Analysis for Security (STPA-Sec) approach views losses as the result of interactions, focuses on controlling system vulnerabilities rather than enumerating external threats, and is applicable to complex socio-technical systems. However, STPA-Sec pays little attention to information-security issues that are not safety issues (e.g., data confidentiality) and offers little concrete guidance for identifying information-security concepts. In this article, we propose a data-flow-based adaptation of STPA-Sec (named STPA-DFSec) to overcome these limitations and to elicit security constraints systematically. We apply both STPA-DFSec and STPA-Sec to a vehicle digital key system and investigate the relationship and differences between the two approaches, their applicability, and their respective strengths. In conclusion, the proposed approach identifies information-related problems more directly by analyzing how data is processed. As an adaptation of STPA-Sec, it can be used together with other STPA-based approaches to co-design systems across multiple disciplines under the unified STPA framework.
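To make the "data-flow-based" idea concrete, the following is an added example written for this page; it is not code from the paper, and the component names, data items, flows and policy are constructed for illustration rather than taken from the authors' digital key case study. It models the system as a set of data flows rather than control actions, checks where confidential data actually travels and whether each flow carries the protection its data needs, and turns each finding into a "shall" constraint. The four guide words are the standard STPA ones; applying them to data flows, as done here, is an assumption about how a DFSec-style analysis would proceed, not a description of the paper's own step list.

```python
"""
Added example, not from the paper: a toy data-flow model in the spirit of
STPA-DFSec for a vehicle digital key system. The components, data items,
flows and policy are constructed for illustration, not the authors' case study.
"""
from dataclasses import dataclass

# The four STPA guide words for how a control action can be unsafe, applied
# here to data flows instead of control actions (assumed adaptation).
GUIDE_WORDS = (
    "not provided",
    "provided incorrectly or to the wrong party",
    "provided too early, too late or out of order",
    "stopped too soon or applied too long",
)


@dataclass(frozen=True)
class DataFlow:
    src: str
    dst: str
    data: str            # data item carried on this flow
    channel: str         # transport, e.g. "TLS", "BLE", "CAN"
    encrypted: bool      # confidentiality protection on the channel
    authenticated: bool  # origin/integrity protection on the channel


class DataFlowModel:
    def __init__(self, flows, allowed_holders, integrity_critical):
        self.flows = list(flows)
        # data item -> set of components permitted to hold it (confidentiality policy)
        self.allowed_holders = allowed_holders
        # data items whose tampering can lead to a loss
        self.integrity_critical = set(integrity_critical)

    def holders(self, data):
        """Every component a data item reaches by following the flows that carry it."""
        comps = set()
        for f in self.flows:
            if f.data == data:
                comps.update((f.src, f.dst))
        return comps

    def findings(self):
        """Structured findings as (kind, data, detail) tuples. Kinds:
        'disclosure'      data reaches a component outside its allowed-holder set
        'unencrypted'     policy-protected data crosses a channel in the clear
        'unauthenticated' integrity-critical data crosses a channel with no origin check
        """
        out = []
        for data, allowed in self.allowed_holders.items():
            for comp in sorted(self.holders(data) - allowed):
                out.append(("disclosure", data, comp))
        for f in self.flows:
            if f.data in self.allowed_holders and not f.encrypted:
                out.append(("unencrypted", f.data, f))
            if f.data in self.integrity_critical and not f.authenticated:
                out.append(("unauthenticated", f.data, f))
        return out

    def constraints(self):
        """Turn findings into security constraints, the output of an STPA-style analysis."""
        cs = []
        for kind, data, detail in self.findings():
            if kind == "disclosure":
                cs.append(f"SC: {data} shall not be disclosed to {detail}")
            elif kind == "unencrypted":
                cs.append(f"SC: {data} shall be encrypted from {detail.src} to "
                          f"{detail.dst} over {detail.channel}")
            else:
                cs.append(f"SC: {detail.dst} shall verify origin and integrity of "
                          f"{data} received from {detail.src} over {detail.channel}")
        return cs


def insecure_data_flows(flow):
    """Apply the guide words to one flow to list candidate insecure data flows,
    the DFSec analogue of STPA's unsafe control actions, for the analyst to review."""
    return [f"{flow.data} ({flow.src} -> {flow.dst}) {gw}" for gw in GUIDE_WORDS]


# Constructed sample system (assumption, not the paper's model).
FLOWS = [
    DataFlow("OwnerPhone", "KeyServer", "owner_credentials", "TLS", True, True),
    DataFlow("KeyServer", "OwnerPhone", "digital_key", "TLS", True, True),
    DataFlow("KeyServer", "TelematicsUnit", "digital_key", "TLS", True, True),
    DataFlow("OwnerPhone", "TelematicsUnit", "unlock_request", "BLE", True, False),
    DataFlow("TelematicsUnit", "BodyECU", "unlock_command", "CAN", False, False),
    # Deliberately weak flow: the key is echoed to a diagnostics port in the clear.
    DataFlow("TelematicsUnit", "DealerDiagnostics", "digital_key", "OBD", False, False),
]
MODEL = DataFlowModel(
    FLOWS,
    allowed_holders={
        "owner_credentials": {"OwnerPhone", "KeyServer"},
        "digital_key": {"KeyServer", "OwnerPhone", "TelematicsUnit"},
    },
    integrity_critical={"digital_key", "unlock_request", "unlock_command"},
)

if __name__ == "__main__":
    for c in MODEL.constraints():
        print(c)
    for line in insecure_data_flows(FLOWS[3]):
        print(line)
```

The point of the model is that the confidentiality finding on `digital_key` is discovered from where the data flows, not from a list of external attackers: the policy says who may hold the key, and the diagnostics flow violates it regardless of how an attacker might reach that port. The guide-word list is deliberately left as candidates for an analyst, since deciding which of the four variants actually leads to a loss is the judgment step that no script replaces.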

Updated: 2021-02-03