The subject of safety has been an integral part of industrial development processes for decades. Whether FMEA (Failure Mode and Effects Analysis), FTA (Fault Tree Analysis) or ASIL (Automotive Safety Integrity Level), the process steps and concepts involved have been established for decades and work smoothly.
Now the field of security enters the picture. Individual aspects of this domain have long been taken into account in industrial development, such as protecting intellectual property (construction plans, formulas, etc.) from outside access, but a holistic view of security across all development and production phases is still missing today. In addition, because of legislation, compliance with safety standards is considered indispensable for any warranty claim, whereas security was sometimes regarded as merely "nice to have" in the past.
Because of these facts and the differing objectives of the two disciplines, safety and security were previously treated as two separate areas. It is increasingly apparent, however, that they can no longer be regarded as completely separate. With the progress of digitalisation and the spread of networked components, even in safety-critical systems, interactions between safety and security are observed more and more often. But does a shared context automatically mean that the two disciplines are synergistic?
How do safety and security differ from each other?
Beyond the difference in what the two terms mean, the domains differ in other respects.
Safety has a very static character. If, for example, a safety concept has been developed and implemented for a production machine, that system is not changed quickly, so frequent adaptation of the safety requirements and measures is not necessary. Ageing or wear of safety components does occur, but usually continuously over a fairly long period of time.
There are therefore numerous standards that provide a precise framework of guidelines to be observed, such as:
- ISO 26262 – Road vehicles – Functional Safety
- IEC 61508 – Functional safety of electrical/electronic/programmable electronic safety-related systems
- IEC 61511 – Functional safety – Safety instrumented systems for the process industry sector
- IEC 62061 – Safety of machinery – Functional safety
- ISO 10218-1/-2 – Robots and robotic devices – Safety requirements for industrial robots
Compared to safety, security is a rather fast-moving discipline. Especially with the increase in networked components, security is coming more and more into focus. Originally known primarily from the IT world, this domain must react flexibly and at short notice to newly discovered weaknesses in a system, because every weakness immediately creates a potential threat. IEC 62443 grades its security levels by, among other things, the motivation of the attacker (alongside the attacker's means, resources and skills). This parameter captures the dynamic nature of the threat: the danger increases steadily over time, and countermeasures that were once implemented successfully may no longer be sufficient.
Due to the differences to the safety domain, security is of course based on different standards, such as:
- BSI IT-Grundschutz – Methods and procedures in the area of information security
- ISO 27000 series of standards – Information technology – Security techniques – Information security management systems
- IEC 62443 – Cybersecurity in industrial automation
In addition, the international draft of the new automotive cybersecurity standard ISO/SAE 21434 was published in February of this year; it is the first standard to address the development process from a security perspective.
Nevertheless, a clear separation of the safety and security domains is usually difficult, because the transitions between them can be fluid.
How could convergence be achieved?
"If it's not secure, it's not safe."
... a statement that has been heard over and over again in recent years. It means that if a system is not protected against external attacks, then the protection of the system's environment against malfunctions of that system can no longer be guaranteed either, because an attacker can induce exactly the failures the safety concept assumed to be random. A joint consideration of safety and security is therefore indispensable.
The cornerstone of convergence can certainly be found in the similarities between safety and security. Commonalities can already be identified today, both in the development process and in technical solutions. The development process for functional safety is defined in ISO 26262; an equivalent for cyber security was previously missing. The forthcoming standard ISO/SAE 21434 now closes this gap for the security domain. But even without a close look at the development steps laid down in the standard, commonalities can already be identified in abstract form.