Understanding the Impact of Cyber Security Risks on Safety

Christine Izuakor

Abstract

To date, cyber security risk management has focused on preservation of information security through protection of confidentiality, integrity, and availability (CIA). The growing use of cyber technology in safety intensive organizations has posed a challenge for those trying to understand the impacts cyber security risks have on safety. This knowledge gap slows progress towards InfoSec maturity and puts organizations and stakeholders at greater risk. For example, e-enabled aircraft now rely heavily on cyber resources, yet cyber security analysis in aviation usually focuses on CIA of information to prevent economic loss. What happens when a malicious attacker successfully exploits cyber aircraft vulnerabilities? This can potentially downgrade critical functions and result in injury or loss of life. To better understand the impacts of cyber risk on safety, the CIA information security triad should expand beyond its current focus to also consider safety.

References

  1. Albrechtsen, E., 2003. Security vs Safety, s.l.: Norwegian University of Science and Technology.
  2. Canadian Centre for Occupational Health and Safety, 2015. Risk Assessment. [Online] Available at: http:// www.ccohs.ca/oshanswers/hsprograms/risk_assessme nt.html.
  3. City University London, 2015. SESAMO - Security and Safety Modelling. [Online] Available at: https:// www.city.ac.uk/centre-for-software-reliability/ research/research-projects/sesamo-project.
  4. Costin, A. & Francillon, A., 2012. Ghost in the Air (Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices, Sophia-Anipolis: Black Hat.
  5. Department of Homeland Security, 2002. National Strategy for Homeland Security, s.l.: s.n.
  6. International Civil Aviation Organization, 2014. Initial Report on Risk Assessement of Cyber-Attack - Air Traffic Management, Montreal: s.n.
  7. Musman, S. et al., 2010. Evaluating the Impact of Cyber Attacks on Missions, McLean, VA: The MITRE Corportation.
  8. National Institute of Standards and Technology, 2012. Guide for Conducting Risk Assessments, Gathersburg: NIST.
  9. Soperus, M., 2009. Conficker Work Shuts Down French and UK Air Forces. [Online] Available at: http:// www.maximumpc.com/conficker-worm-shuts-downfrench-and-uk-air-forces/ [Accessed 20 September 2015].
  10. Storm, D., 2013. Hacker uses an Android to remotely attack and hijack an airplane. [Online] Available at: http://www.computerworld.com/article/2475081/cyber crime-hacking/hacker-uses-an-android-to-remotelyattack-and-hijack-an-airplane.html [Accessed 20 September 2015].
  11. TrendMicro, 2015. Understanding Targeted Attacks: Goals and Motives. [Online] Available at: http://www.trendmicro.com/vinfo/us/security/news/cy ber-attacks/understanding-targeted-attacks-goals-andmotives.
  12. U.S. Department of Labor, 1992. VI. Risk Assessment. [Online] Available at: https://www.osha.gov/
  13. Zetter, K., 2015. Feds Say That Banned Researcher Commandeered A Plane. [Online] Available at: http://www.wired.com/2015/05/feds-say-bannedresearcher-commandeered-plane/
  14. Zetter, K., 2015. Is it possible for passengers to hack commercial aircraft?. [Online] Available at: http://www.wired.com/2015/05/possible-passengershack-commercial-aircraft/ [Accessed 20 September 2015].
Download


Paper Citation


in Harvard Style

Izuakor C. (2016). Understanding the Impact of Cyber Security Risks on Safety . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 509-513. DOI: 10.5220/0005796805090513


in Bibtex Style

@conference{icissp16,
author={Christine Izuakor},
title={Understanding the Impact of Cyber Security Risks on Safety},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={509-513},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005796805090513},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Understanding the Impact of Cyber Security Risks on Safety
SN - 978-989-758-167-0
AU - Izuakor C.
PY - 2016
SP - 509
EP - 513
DO - 10.5220/0005796805090513