Dear,

LEONARDO and CETIC submitted a joint paper to the CyberCert 2020 workshop that has been accepted for publication. The paper reports on joint work in WP11 and WP5 (CAPE) and acknowledges SPARTA.

Title: Towards Incremental Safety and Security Requirements Co-Certification

Authors: Morgagni Andrea, Massonet Philippe, Dupont Sébastien, Grandclaudon Jeremy

Abstract: The continuous technological developments and the growing connectivity of applications and infrastructures is leading to the new threats to the technological world in particular to the possibility of considering certain threats in environments that were not previously touched by them. Now that many safety critical systems are becoming connected, they need to be protected from security threats. Safety and security engineering and certification evaluation are processes that have evolved independently. However now that security issues may impact safety they need to be analysed together, yet the processes must become more flexible to encourage certification when it is not mandatory. In this paper we sketch an approach for incremental certification of security requirements with Common Criteria in the general context of security/safety co-engineering and certification. The approach is illustrated with a case study.

Best regards,

Philippe