Towards Model Co-evolution Across Self-Adaptation Steps for Combined Safety and Security Analysis
Thomas Witte, Raffaela Groner, Alexander Raschke, Matthias Tichy, Irdin Pekaric, Michael Felderer

TL;DR
This paper introduces a modeling approach for self-adaptive systems that considers safety and security vulnerabilities during each adaptation step, enabling comprehensive analysis of potential risks throughout the system's evolution.
Contribution
It proposes a novel method to model and co-evolve safety and security aspects across adaptation steps using Attack-Fault Trees, addressing gaps in current analysis approaches.
Findings
Models can describe system aspects at different abstraction levels.
Models are combined into Attack-Fault Trees for analysis.
Enables analysis of vulnerabilities during the adaptation process.
Abstract
Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to consider these two aspects together. Furthermore, the approaches currently used for safety and security analysis do not sufficiently take into account the intermediate steps of an adaptation. Current work in this area ignores the fact that a self-adaptive system also reveals possible vulnerabilities (even if only temporarily) during the adaptation. To address this issue, we propose a modeling approach that takes into account the different relevant aspects of a system, its adaptation process, as well as safety hazards and security attacks. We present several models that describe different aspects of a self-adaptive system and we outline our idea of…
