Integrated Safety and Security by Design in the IT/OT Convergence of Industrial Systems: A Graph-Based Approach

Abstract

The convergence of Information Technology (IT) and Operational Technology (OT) in Industry 4.0 poses fresh challenges, demanding innovative strategies to ensure the safe execution of production processes. With the increasing significance of production system integrity, any security breaches can lead to severe consequences like production downtime, equipment damage, or human harm. Our prior research on Austrian industrial automation stakeholders highlighted the necessity for a cost-effective, all-encompassing approach to the integrated safety and security. We introduced an extensive ontology for safety, security, and operational requirements in IT/OT convergence. This paper presents an approach of Model-Based Systems Engineering (MBSE) for the integrated safety and security by design of industrial systems. We employ the Systems Modeling Language (SysML) 2.0 for precise modeling. We define metadata information that are used as tags for SysML 2.0 model instances. Afterwards, we create a graph-based model of the system. These graphs are used to validate safety and security standards and requirements. Finally, we automatically generate artifacts, such as code or documentation, which adhere to the standards. Our approach is extensible and supports reusability already after covering two standards. Having provided support for the standards IEC 62443-3-3 and IEC 61508, we reuse our approach to validate the standard ISO 13850:2015.