Hybrid ontology for safety, security, and dependability risk assessments and Security Threat Analysis (STA) method for industrial control systems

This paper introduces a model-based methodology for hybrid reliability, availability, maintainability, safety, and security (RAMSS) risk assessment management, which extends our previous work of model-based, data-driven, support for engineering mission-critical systems. It represents a hybrid risk assessment ontology, which harmonises basic concepts between dependability, safety and security based on well-known industrial standards. Based on the proposed ontology, we create a cybersecurity risk analysis method, called Security Threat Analysis (STA), for industrial control systems and successfully demonstrate the method. For the demonstration, we introduce a data model for creating a tool-supported data repository for STA, then implement this repository with a commercial-off-the-shelf tool. We use the repository to carry out an exemplary STA of a nuclear fuel pool cooling control system, assessing a cybersecurity-related hazard. The demonstration suggests that the hybrid RAMSS risk assessment ontology and the related STA data model are ready to be tested in industrial use, offering a structured data repository to support assessment and traceability between the created artefacts.