A Hybrid Ontology for Identifying Safety Hazards and Security Threats
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. ORCID iD: 0000-0002-7986-2214
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. ORCID iD: 0000-0002-8027-0611
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. ORCID iD: 0000-0002-0401-1036
2024 (English) In: 2024 8th International Conference on System Reliability and Safety, ICSRS 2024, Institute of Electrical and Electronics Engineers (IEEE), 2024, p. 667-676. Conference paper, Published paper (Refereed)
Abstract [en]

This paper introduces the Hazard and Threat Ontology, a hybrid ontology designed to illustrate safety hazards and security threats in complex systems of systems. Hazard Ontology and Combined Security Ontology are two ontologies with extensive terminology and complementary methodologies. They allow us to develop a hybrid approach that enables safety and security experts to analyze complex systems thoroughly. Combining these ontologies enhances the depth and scope of experts' analysis and decision-making process, and several tangible benefits are associated with using a hybrid approach across different industrial sectors. In this paper, an industrial use case illustrates the practical utility of the Hazard and Threat Ontology. Our approach facilitates the identification of hazards and threats, providing actionable insights into how to mitigate them. Consequently, assets and personnel can be protected, downtime can be reduced, and operational resilience can be enhanced.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024. p. 667-676
Keywords [en]
Combined Security Ontology, Hazard Ontology, safety analysis, safety hazards, security threats, system of systems, Complex system of systems, Hybrid approach, Ontology's, Security ontologies, System-of-systems, Large scale systems
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-71336
DOI: 10.1109/ICSRS63046.2024.10927510
Scopus ID: 2-s2.0-105003090320
ISBN: 9798350354508 (print)
OAI: oai:DiVA.org:mdh-71336
DiVA, id: diva2:1956845
Conference
8th International Conference on System Reliability and Safety, ICSRS 2024, Sicily, Italy, 20-22 November, 2024
Available from: 2025-05-07 Created: 2025-05-07 Last updated: 2025-10-10 Bibliographically approved
In thesis
1. An Ontological Approach for Hazard and Threat Analysis in Cyber-Physical Systems of Systems
2025 (English) Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

As society moves toward greater interconnectedness, the complexity and interdependence of systems-of-systems (SoSs) increase, giving rise to multifaceted safety hazards and security threats. The critical need for effective hazard and threat analysis within SoSs is addressed in this licentiate thesis by focusing on the development and application of specialized ontologies. The interconnected nature of safety and security is highlighted, and a novel ontological framework that integrates these aspects into a unified analysis tool is proposed. The research was organized around five main contributions:

- The application of a Hazard Ontology (HO) to a cyber-physical SoS at a quarry site equipped with autonomous vehicles, enabling the identification of hazard sources, causes, and consequences.

- Through a systematic literature review of security ontologies, essential security concepts and their relationships were identified. These concepts were harmonized with established security standards, such as NIST SP 800-160 and ISO/IEC 27001.

- The development of a Combined Security Ontology (CSO), based on the Unified Foundational Ontology (UFO), by synthesizing security concepts derived from the literature review and mapping them to a foundational safety ontology to bridge the gap between the security and safety domains.

- A comparative analysis of the HO and the CSO was conducted, highlighting similarities and differences in concepts and relationships, and clarifying the integration challenges and opportunities between safety and security ontologies.

- The proposed Hazard and Threat Ontology (HTO) extends the HO and integrates elements from the CSO, facilitating simultaneous analysis of hazards and threats within SoSs.

The thesis emphasizes the need for evolving ontological methods to enhance hazard and threat analyses in SoSs, ensuring their adaptability to dynamic operational environments and emerging challenges. With this integrated approach, the thesis aims to contribute to the safety and security domains within systems engineering by providing a methodological framework that is both innovative and applicable to real-world scenarios. 

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2025. p. 190
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 377
Keywords
Systems-of-Systems; hazard analysis; threat analysis; safety; security; ontology; Hazard Ontology; Combined Security Ontology; Hazard and Threat Ontology; ontological integration; cyber-physical systems; autonomous vehicles; security standards; NIST SP 800-160; ISO/IEC 27001; Unified Foundational Ontology; systems engineering
National Category
Embedded Systems Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-72982 (URN)
978-91-7485-714-6 (ISBN)
Presentation
2025-10-10, Gamma, Mälardalens universitet, Västerås, 13:00 (English)
Available from: 2025-08-18 Created: 2025-08-13 Last updated: 2025-10-10 Bibliographically approved
Authority records

Adach, Malina; Bucaioni, Alessio; Ciccozzi, Federico