Facilitating Safety and Security Co-design and Formal Analysis in Multi-layered System Modeling

The engineering process of systems deployed in critical domains (e.g., automotive) advocates for early-stage integrated analysis of safety and security concerns, given their mutual influence. Specifically, in the design phase, safety and security requirements undergo a transition to the system architectural design across different granular and conceptual representations. However, such an enrichment process is often complex and lacks preliminary guidance to consistently break down high-level system specifications and requirements into intricate architecture and deployment. In particular, engineers require further support to interpret diverse system, safety, and security expertise and facilitate the consistent passage of knowledge pertaining to these disciplines for automated analysis. To this end, we propose an approach to facilitate the joint design and formal analysis of system safety and security concerns. Notably, the approach aims for a three-layered system modeling, integrating mission, functional and component views, and also, reusable libraries of pre-defined safety and security properties, specialize-able across them. We couple the Model-Driven Engineering (MDE) paradigm and Formal Methods (FM) for the hierarchical-precise modeling, formal interpretation, and verification of model views w.r.t. the desired properties. The accompanying tool-chain support for approach instantiation builds upon Papyrus as a modeling framework and Rodin as a formal-based tool for verification. The proposed approach is illustrated via a Connected-Driving Vehicles (CDVs) use case.