Safety vs. security – how can divergence become convergence?

“Sicherheit = Sicherheit”?

In German we use a single term, “Sicherheit”. Translated into English, however, it splits into two distinct words: safety and security. But where exactly is the difference?

If you look at the definitions of the two English terms, you will quickly see that “Sicherheit ≠ Sicherheit”.

The English word safety refers to the functional safety of a system: the aim is to protect the environment from a malfunction of the system and thus to preserve the integrity of the environment and of people.

Figure: Safety definition
Figure: Security definition

Security, on the other hand, aims to protect a system and the data stored in it against unwanted access and damage originating from its environment.

Safety has been an integral part of industrial development processes for decades. Whether FMEA (Failure Mode and Effects Analysis), FTA (Fault Tree Analysis) or ASIL levels (Automotive Safety Integrity Levels), the process steps and concepts have been established for a long time and work reliably.

Security is a different matter. Individual aspects of this domain have been taken into account in industrial development for some time, for example protecting intellectual property (construction plans, formulas, etc.) from external access, but a holistic view of security across all development and production phases is still missing today. In addition, legislation makes compliance with safety standards indispensable for any warranty claim, whereas security was sometimes regarded as “nice to have” in the past.

For these reasons, and because of the different objectives of the two disciplines, safety and security were previously regarded as two separate areas. Increasingly, however, they can no longer be treated as completely separate. With advancing digitalisation and the spread of networked components, even in safety-critical systems, interactions between safety and security are observed more and more often. But does a shared context automatically mean that the two disciplines are synergistic?

How do safety and security differ from each other?

Beyond the difference in their definitions, the two domains differ in other respects as well.

Safety has a very static character. Once a safety concept has been developed and implemented for a production machine, for example, that system is rarely changed, so frequent adaptation of safety requirements and measures is not necessary. Ageing or wear of safety components does occur, but usually continuously over a fairly long period of time.

There are therefore numerous standards that provide a precise framework of guidelines to be observed, such as:

  • ISO 26262 – Road vehicles – Functional Safety
  • IEC 61508 – Functional safety of electrical/electronic/programmable electronic safety-related systems
  • IEC 61511 – Functional safety – Safety instrumented systems for the process industry sector
  • IEC 62061 – Safety of machinery – Functional safety
  • ISO 10218-1/-2 – Industrial robots – Safety requirements

Compared to safety, security is a fast-moving discipline, and the growth in networked components is bringing it increasingly into focus. Originally known mainly from the IT world, this domain must react flexibly and at short notice to newly discovered weaknesses in a system, because every weakness immediately creates a potential threat. IEC 62443 reflects this by characterising its security levels in terms of the attacker: the means, resources, skills and motivation an adversary is expected to bring. Attacker motivation in particular captures the dynamic aspect, the change over time: the threat grows steadily, and countermeasures that were sufficient when they were implemented may no longer be adequate later.

Given these differences from the safety domain, security naturally rests on different standards, such as:

  • BSI IT-Grundschutz – Methods and procedures in the area of information security
  • ISO/IEC 27000 series of standards – Information technology – Security techniques – Information security management systems
  • IEC 62443 – Cybersecurity in industrial automation

In addition, the international draft of the new automotive cybersecurity standard ISO/SAE 21434 was published in February of this year; it is the first standard to address the automotive development process from a security perspective.

Nevertheless, a clear separation of the safety and security domains is usually difficult in practice, because the boundaries between them are fluid.

How could convergence be achieved?

“If it’s not secure, it’s not safe.”

… a statement that has been heard over and over again in recent years. It means that if a system is not protected against external attacks, the protection of the system environment against malfunctions of that system, i.e. its safety, can no longer be guaranteed either. Joint consideration of safety and security is therefore indispensable.

The cornerstone of convergence is certainly the consideration of what safety and security have in common. Commonalities can already be identified today, both in the development process and in technical solutions. The development process for functional safety is defined in ISO 26262; for cyber security such a process definition was missing until now, and the forthcoming ISO/SAE 21434 will close that gap. But even without a close look at the development steps laid down in the standard, commonalities can already be identified at an abstract level.

Figure: Comparison of the abstract development process of safety and security

It is therefore worth considering how these two processes could be combined in the future. The standardisation committees have recognised this necessity as well: references from safety standards to security standards already exist today, for example from the safety standard DIN EN 61508 (“Functional safety of electrical/electronic/programmable electronic safety-related systems”) to the security standard IEC 62443 (“Security for industrial automation and control systems”).

One thing is certain: the changes brought about by the growing networking of technical systems require a rethink of the way safety and security have been viewed up to now. In future, those responsible for the two domains must be in close contact with each other and can learn from each other’s experience. Moreover, security should become just as integral a part of the design and development process as safety has been for decades.

How do you see the convergence of safety and security?