Environmental Engineering Reference
In-Depth Information
an attack in order to introduce some unintended
functionality into the product.
Direct relation between vulnerabilities and
unintended functionality in Figure 8 denotes some
possible situation, which is not covered by the
scope of this chapter; such a situation may occur
in the presence of hardware Trojans within the
components of the product, and, hence, requires
additional comprehensive analysis.
tion and validation processes, however, it
does not apply to design processes. For
example, anomaly in the technical specifica-
tion is not eliminated by an “ideal” direct
translation process (since it may not include
verification).
As an illustrative example for the proposed
definition of gap, let us consider a development
process within the I&C system life cycle model,
where the input of Processj is represented by
Producti-1, and the output (result of process
implementation) - is Producti (see Figure 9). The
transition from the previous product (i-1) to next
one (i) is accomplished by the implementation of a
prescribed process (j) by developers, using certain
tools. This process can be represented as a set of
sub-processes that are implemented in serial and/
or parallel ways, and each of such sub-processes
may contain problems (or discrepancies towards
appropriate “ideal” sub-process) due to various
reasons caused by either the developer or the tool.
Therefore, the problems in sub-processes lead to
problems in processes, which are implemented in
order to produce a new product and can result in
product anomalies (Kharchenko, V. et al., 2012,d).
Gap-IMECA-Based Approach
to Assessment of I&C
System Cyber Security
Hence, we propose a process-based approach to
GA, because “non-ideal” processes, which contain
discrepancies, can produce various problems in
the corresponding products, and the following
statements are true:
1. Presence of gaps in Processj results in
anomalies in Producti even if Producti-1 is
“ideal.”
2. Presence of anomalies within Producti-1 can
be eliminated by “ideal” Processj in many
cases. This may be true in case of verifica-
Figure 9. Development process in the I&C system life cycle model
Search WWH ::




Custom Search