SAFURE - Safety And Security By Design For Interconnected Mixed-Critical Cyber-Physical Systems
SAFURE targets the design of cyber-physical systems with a methodology that ensures safety and security "by construction". The methodology is enabled by a framework that extends system capabilities so that the combined effects of security threats on system behaviour can be controlled.
SAFURE addresses the security of safety-critical cyber-physical systems through a holistic approach to safety and security by construction: it limits the extent to which security problems can affect safety when common resources such as networks and processors are shared, and it protects the system from attacks that could compromise overall system safety.
At the base of the SAFURE solution is a set of extensions to tools and system capabilities (referred to as the reference SAFURE Framework) that prevent and detect attacks and protect against vulnerabilities through efficient system configuration and reconfiguration, keeping critical subsystems within their safety and security boundaries without degrading the performance of best-effort applications.
The framework extends system capabilities to preserve system integrity against time starvation, excessive energy dissipation and data corruption, integrating security requirements into safety systems to a degree not previously achieved. These extensions apply from the design and development stages through to application deployment and execution on multi-core chips and high-performance distributed systems. The extended analysis methods, development tools and execution capabilities provided by the framework are supported by a set of guidelines (referred to as the SAFURE Methodology) that assist designers and developers to
- address security in a safety context,
- integrate heterogeneous security and safety requirements in the overall system architecture,
- open subsystems to resource sharing and communication,
- detect potential attacks on system integrity (timing, energy/temperature and data),
- prevent potential attacks through efficient system configuration (off-line),
- enhance mixed-criticality and reconfiguration capabilities (on-line and off-line), keeping security in mind, and
- enhance performance and resource usage on complex systems with safety and security constraints.