Table 6. Summary of STPA-DFSec and STPA-Sec steps.
Summary and comparison of the STPA-DFSec and STPA-Sec approaches, with differences marked (+ added feature, * modified step).

| Basic four steps | STPA-DFSec details | STPA-Sec details |
|---|---|---|
| Step 1: Define the purpose of the analysis | Identify system-level losses, vulnerabilities, and constraints. Link vulnerabilities with the corresponding losses and security attributes+. A general losses list is provided+ | Identify system-level losses, vulnerabilities, and constraints |
| Step 2: Model the system structure | Model the system by a functional interaction structure (FIS) based on data flows*. A common function set for the FIS is provided+ | Model the system by a functional control structure based on the control loop |
| Step 3: Identify insecure items | Use adapted guide words* (“not being executed”, “being executed”, and “being executed but exceeding the time limits”) to identify insecure function behaviors | Use guide words (“not providing”, “providing”, “too early, too late, out of order”, “stopped too soon, applied too long”) to identify insecure control actions |
| Step 4: Identify loss scenarios | Use adapted guide words* (“function itself”, “execution environment (incl. function inputs, calling behaviors, computing resources, and links)”) to identify loss scenarios | Use guide words (“unsafe controller behavior”, “inadequate feedback and information”, “involving the control path”, “related to the controlled process”) to identify loss scenarios |
Notes:
+ Added features of STPA-DFSec.
* Steps modified in comparison with the original STPA-Sec.