Assessment of Emerging Standards for Safety and Security Co-Design on a Railway Case Study

Design for safety-critical software intended for domains like transportation or medical systems is known to be difficult but is required to give a sufficient level of assurance that the system will not harm or kill people. To add to the difficulty, systems have now become highly connected and are turning into cyber-physical systems. This results in the need to address intentional cyber security threats on top of risks related to unintentional software defects. Different approaches are being defined to co-engineer both software security and safety in a consistent way. This paper aims at providing a deeper understanding of those approaches and the evolution of related standards by analysing them using a sound goal-oriented framework that can model both kind of properties and also reason on them in a risk-oriented way. In the process interesting codesign patterns are also identified and discussed. The approach is driven by a real world open specification from the railways.