Skip to main content

A Human Factors-cyber-safety framework for risk and requirements in critical infrastructure.

Thron, E., Ki-Aries, D., Freer, M., Dogan, H. and Faily, S., 2026. A Human Factors-cyber-safety framework for risk and requirements in critical infrastructure. In: International Conference on Applied Human Factors and Ergonomics (AHFE 2026), 20-24 July 2026, Istanbul, Turkey.

Full text available as:

[thumbnail of A Human Factors-Cyber-Safety.pdf]
Preview
PDF
A Human Factors-Cyber-Safety.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

540kB

Official URL: https://ahfe.org/

DOI: 10.54941/ahfe1007407

Abstract

Cyber-attacks on critical infrastructure are increasing in scale and sophistication, yet cybersecurity practice remains dominated by technology-centric assessments that insufficiently represent human contributions to risk. In cyber-physical systems (CPS), non-malicious human actions -including slips, mistakes, workarounds, training gaps, and misaligned procedures- frequently create, amplify or fail to detect vulnerabilities.This paper presents an integrated socio-technical framework that combines Human Factors (HF) methods, safety analysis, and cybersecurity modelling within a Secure-by-Design approach. The framework models how human performance variability influences cyber vulnerability and safety outcomes, enabling structured, scenario-based risk assessment and the derivation of traceable engineering requirements. An illustrative application demonstrates how HF findings are translated into human error mechanisms, cyber effects, unsafe control actions, safety impacts, and prioritised Secure-by-Design controls. By operationalising HF methods as cybersecurity engineering tools, the approach reframes cybersecurity as a socio-technical reliability problem comparable to safety engineering.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:Human Factors; Cybersecurity; Safety-critical Systems; Critical Infrastructure; Risk Modelling; Secure-by-design
Group:Faculty of Media, Science and Technology
ID Code:42198
Deposited By: Symplectic RT2
Deposited On:10 Jul 2026 10:52
Last Modified:10 Jul 2026 10:52

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -