DTU Findit

Conference paper

Identifying flows of information and energy in cyber-physical systems: A framework for safety risk analysis

In 4th Society for Risk Analysis (SRA) Nordic Chapter Conference: Exploring the Risk, Safety, Security and Resilience Nexus — 2018

From

Department of Management Engineering, Technical University of Denmark

Engineering Systems, Department of Management Engineering, Technical University of Denmark

Cyber-physical systems (CPS) are engineered systems of systems that integrate cyber processes into the feedback control of physical processes in cooperative (semi)automated control configurations with their related human roles. The concept of CPS encompasses a wide range of applications, including autonomous vehicles, critical infrastructures, industrial control systems, military defence systems, and medical devices, among others.

Overall, these applications share a set of key features: controlling some physical processes in real time, while retaining a relation between automation and human factors. In recent years, several models have emerged in the literature to understand the interdependencies between security and safety in CPS.

In their review, Humayed et al. [1] demonstrated the suitability of modelling many CPS applications according to three types of interactions or aspects. Namely, they modelled CPS as an integration of cyber, cyber-physical, and physical aspects. Using the taxonomy of cross-domain attacks illustrated in [2], this model describes adversarial, accidental and environmental sources of risk in CPS and their propagation throughout the aspects of the system.

Despite being a good starting point for the identification of a comprehensive set of sources of risk, this model only provides a general description of the method and final physical impacts to the system and its environment. We argue that the lack of a conceptual framework impedes a detailed identification of safety risks, i.e. potential human injuries, damage to assets, and impacts to the natural environment.

Therefore, we developed a unified safety and security framework for safety risk analysis of CPS. This framework is a refinement of the Uncontrolled Flows of Energy (UFOE) concept presented in [3]. The UFOE concept considers a source of risk as a loss of confinement resulting in uncontrolled energy flows.

By incorporating the concept of Uncontrolled Flows of Information (UFOI), we facilitate the identification of UFOI leading to UFOE. This concept is the basis for the Uncontrolled Flows of Information and Energy (UFOI-E) framework for safety risk analysis. In particular, this paper develops the UFOI-E framework in three phases.

First, we refine the definition of CPS aspects described in [1], conceiving them as system layers exchanging information and energy flows. Second, we illustrate a diagrammatic representation to identify the typical flows present throughout CPS, both within their layers and across their interfaces. Moreover, this representation includes the physical and cyber environments and their interactions with the system.

Third, we introduce a taxonomy of UFOI-E in CPS and their potential safety-related consequences.

Language: English
Year: 2018
Proceedings: 4th Society for Risk Analysis (SRA) Nordic Chapter Conference
Types: Conference paper
ORCIDs: Carreras Guzman, Nelson Humberto and Kozin, Igor
