Towards an extensive set of criteria for safety and cyber-security evaluation of cyber-physical systems

Aleš Smrčka; Behrooz Sangchoolie; Emanuele Mingozzi; Jose Luis de la Vara; Marie Farrell; Raul Barbosa; Cem Baglum; Ugur Yayan; Salih Ergun; Alper Kanak

doi:10.12688/openreseurope.16234.1

Towards an extensive set of criteria for safety and cyber-security evaluation of cyber-physical systems

Open Res Eur. 2023 Dec 28:3:219. doi: 10.12688/openreseurope.16234.1. eCollection 2023.

Authors

Affiliations

¹ Brno University of Technology, Brno, Czech Republic.
² RISE Research Institutes of Sweden, Borås, Sweden.
³ E.S.T.E., Ferrara, Italy.
⁴ Universidad de Castilla-La Mancha, Ciudad Real, Castile-La Mancha, Spain.
⁵ The University of Manchester, Manchester, England, UK.
⁶ Universidade de Coimbra, Coimbra, Coimbra District, Portugal.
⁷ Inovasyon Mühendislik, Eskisehir, Turkey.
⁸ Eskisehir Osmangazi University, Eskisehir, Turkey.
⁹ ERARGE, Ergunler, Isparta, Turkey.

Abstract

Verification and validation (V&V) are complex processes combining different approaches and incorporating many different methods including many activities. System engineers regularly face the question if their V&V activities lead to better products, and having appropriate criteria at hand for evaluation of safety and cybersecurity of the systems would help to answer such a question. Additionally, when there is a demand to improve the quality of an already managed V&V process, there is a struggle over what criteria to use in order to measure the improvement. This paper presents an extensive set of criteria suitable for safety and cybersecurity evaluation of cyberphysical systems. The evaluation criteria are agreed upon by 60 researchers from 32 academic and industrial organizations jointly working in a large-scale European research project on 13 real-world use cases from the domains of automotive, railway, aerospace, agriculture, healthcare, and industrial robotics.

Keywords: criteria; cyber-physical system (CPS); cybersecurity; evaluation; safety; validation; verification.

Grants and funding

The VALU3S project has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 876852. The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Austria, Czech Republic, Germany, Ireland, Italy, Portugal, Spain, Sweden, and Turkey. The views expressed in this document are the sole responsibility of the authors and do not necessarily reflect the views or position of the European Commission. The authors, the VALU3S Consortium, and the ECSEL JU are not responsible for the use which might be made of the information contained here. The work leading to this paper has also received funding from the ETHEREAL (MCIN/AEI ref. PID2020-115220RB-C21; ERDF), REBECCA (HORIZON-KDT ref. 101097224; MCIN/AEI ref. PCI2022-135043-2; NextGen.EU/PRTR), Treasure (JCCM ref. SBPLY/19/180501/000270; ERDF), and “Paradigmas de interacción para la nueva era de resiliencia digital” (UCLM ref. 2022-GRIN-34436; ERDF) projects, and from the Ramon y Cajal Program (MCIN/AEI ref. RYC-2017-22836; ESF).