Using Tree-Based Approaches to Analyze Dependability and Security on I&C Systems in Safety-Critical Systems

This study uses event trees and fault trees to analyze dependability issues on instrumentation and control systems in safety-critical systems. In an event tree, each state can be constructed as a fault tree and each fault tree can be converted to an ordered binary decision diagram (OBDD). The state probability can then be evaluated by quantifying the corresponding OBDD. We present an algorithm to combine OBDDs and evaluate each outcome probability for both statistically-independent (s-independent) and statistically-dependent (s-dependent) events. For s-independent events, the outcome probability can be easily obtained by probability multiplications of the associated branch states. For s-dependent events, we present an algorithm to combine OBDDs and compute each outcome probability. In the security domain, we analyze cyberphysical security issues with attack trees. The countermeasures and different levels/layers of protection are also presented. The integration of the dependability and security analysis are adopted by combining event trees, fault trees, and attack trees. A case study is presented to demonstrate that the integration of dependability and security is feasible and the improvement of outcome risk is significant through adopting security countermeasures.