Description

Project Description:

The introduction and adoption of new technologies implies the rise of new risks, related both to accidental damage (safety) and to malicious attacks (security). Furthermore, safety and security are often intertwined: passwords protect medical data from unauthorized access but are an obstacle for patients' safety during emergencies, IoT sensors can help to monitor the pressure levels of a pipeline but may provide extended attack surfaces for malicious hackers.

The existence of interdependencies between safety and security calls for a better (formal) understanding of this kind of interactions:

• At what level do safety and security interact? What interacts with what?
• Do these interactions regard requirements, countermeasures, factors (etc.)?

The student will choose a formalism among the most widespread in academy and industry (e.g.: Fault Trees, Attack Trees, AADL, SysML...) and explore its ability to capture safety/security interdependencies through the analysis of a case study.

Tasks:

The suggested tasks are the following:

1. Together with your supervisor, decide on a case study of interest and investigate how safety and security interact in this setting
2. Chose a formalism to analyse said case study by discussing with your supervision team and understand its modelling capabilities
3. Investigate which of the different interactions between safety and security are captured by the formalism of choice
4. Investigate at what level these interactions take place

Requirements:

Strong interest in multidisciplinary research.

What will you gain?

Working in a highly motivated team, working on a highly new and relevant research topic, tailoring of the topic on the needs of the candidate, increasing knowledge of formal methods and tools

Curious? Please, feel free to contact us for further discussion, even if you are still undecided.

Christina: c.kolb@utwente.nl

Stefano: s.m.nicoletti@utwente.nl