Skip to main content

Secure-by-design through integrated security, safety and human factors.

Tools

Thron, E., Ki-Aries, D., Dogan, H., Freer, M. and Faily, S., 2026. Secure-by-design through integrated security, safety and human factors. In: Ergonomics & Human Factors 2026, 27-29 April 2026, Nottingham, UK.

Full text available as:

[thumbnail of Secure-by-design through integrated security, safety and human factors_EHF2026.pdf]
Preview
 PDF
Secure-by-design through integrated security, safety and human factors_EHF2026.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial.
866kB

Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk.

Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.

Official URL: https://ergonomics.org.uk/events-calendar/ergonomi...

Abstract

Cyber-attacks increasingly threaten critical infrastructure, where interactions between security, safety, and human-system behaviour create complex socio-technical risks. If not managed early, these interactions can produce latent vulnerabilities and unsafe operational states. This paper presents a Minimum Viable Product (MVP), developed by Bournemouth University and Mima and funded by the Defence Science and Technology Laboratory (Dstl), to operationalise Secure-by-Design through integrated Human Factors (HF), safety, and cybersecurity analysis. The MVP combines System-Theoretic Process Analysis (STPA) with Hierarchical Task Analysis (HTA), Cognitive Task Analysis (CTA), Performance Shaping Factors (PSFs), and Human Attributes analysis to generate a structured and traceable User Requirements Document (URD) from a Defence specification exemplar. Results demonstrate that integrating HF, safety, and cybersecurity during early capability definition enables identification of cross-domain risks and supports derivation of coherent, traceable Secure-by-Design requirements for cyber-physical systems.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:Secure-by-Design; Human Factors; Cybersecurity; Safety; Minimum Viable Product; Critical National Infrastructure
Group:Faculty of Media, Science and Technology
ID Code:41992
Deposited By: Symplectic RT2
Deposited On:06 May 2026 14:10
Last Modified:06 May 2026 14:10

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -