CC-Case-Safety and Security Engineering Methodology

Abstract

As the complexity of computer systems increases, assuring safety and security is significant. The authors aim to construct a new development methodology CC-Case that can assure the demands of complex systems, including IoT and AI, using safety and security technologies in an integrated manner. As a central framework of CC-Case, this manuscript shows requirements extraction by STAMP/STPA extension to safety and security (STAMP S & S) and assurance using GSN divided into a logical model and a concrete model. STAMP S & S makes it possible to model requirements based on system theory and extract more comprehensive safety and security requirements in a single model diagram. Besides, the GSN defines the overall picture of the assurance and verifies and validates the hazards and threats extracted by STAMP S & S. This paper presents the procedures of CC-Case with STAMP, GSN, and show examples of level 3 autonomous driving.