SafeSec Tropos: Joint security and safety requirements elicitation

The growing convergence of information technology with operational technology and the accordant proliferation of interconnected cyber-physical systems (CPSs) has given rise to several security and safety challenges. One of these refers to systematically identifying coherent, consistent, and non-conflicting security and safety requirements. This paper proposes an integrated method for safety and security requirements engineering for CPSs at the design stage of the system lifecycle. The method identifies security and safety objectives, it systematically elicits a comprehensive list of requirements, and it links these requirements to objectives, thus facilitating the process of resolving conflicts. To provide insight into the operations of the method, we demonstrate its use to the most vulnerable CPSs on board the Cyber-Enabled Ship (C-ES). By utilizing the proposed method, the safety and security objectives of these systems were defined, and their safety and security requirements were identified.