The Coupling of Operational Safety and INFOSEC Assessments ¹ 2001-01-2641

This paper describes an approach to integrating security and safety analysis of an Air Traffic Service (ATS) using the security assessment as an additional input to the risk management process. This approach helps address potential problems in coordinating safety and security requirements such as: different system models used for safety and security; different documentation structures for the analyses and their results; and the practice of isolating safety and security requirements processes. What motivates this approach is the overlap between security and safety considerations in the identification of hazards and associated risk management strategies.