6.1. Introduction

With rapidly developed network technologies and computing technologies, network-centric computing has become the core information platform in our private, social, and professional lives. This information platform is dependent on a computing and network infrastructure, which is increasingly homogeneous and open. The backbone of this infrastructure is the Internet, which is inherently insecure and unreliable. With an ever-accelerating trend of integrating mobile and wireless network infrastructure, things become worse. This is because wireless radio links tend to have much higher bit error rates, and mobility also increases the difficulty of service quality management and security control. The increased complexity of the platform and its easy access has made it more vulnerable to failures and attacks, which in turn has become a major concern for society. Traditionally there are two different communities separately working on the issues of dependability and security. One is the community of dependability that is more concerned with nonmalicious faults [1–4], to name one of just a few. The other is the security community that is more concerned with malicious attacks or faults [5, 6].

Dependability is first introduced as a general concept covering the attributes of reliability, availability, safety, integrity, maintainability, and so on. With ever-increasing malicious catastrophic Internet attacks, Internet providers have realized a need to incorporate security issues. Effort has been made to provide basic concepts and taxonomy to reflect this convergence [7–9]. The original integration effort was to form a joint committee on “Fundamental Concepts and Terminology” by the Technical Committee (TC) on Fault-Tolerant Computing of the IEEE CS, and the IFIP WG 10.4, “Dependable Computing and Fault Tolerance” [7, 10]. Security has been added as an attribute of the class of intentional malicious faults in the taxonomy of faults [10]. Avizienis et al. [7] has provided a very comprehensive set of basic concepts and taxonomy of dependable and secure computing. Jonsson [9] has proposed a system model that views environmental influence as the system input, and system behavior as the system output.

Measures for security and dependability have also been discussed. Based on the work by Avizienis et al. [7] and Jonsson [9], we propose a framework that can generically integrate dependability and security. This chapter does not intend to cover every detail of dependability and security. It places major relevant concepts and attributes in a unified feedback control system framework and illustrates the interaction via well-established control system domain knowledge. Furthermore, the framework has included discussions on lower-level security techniques, such as techniques for confidentiality, authenticity, and so on, which have not been addressed in depth in prior work [7, 9]. In this chapter, Section 6.2 provides basic concepts and related work, proposed framework is given in Section 6.3, taxonomy and illustration of the major concepts and attributes under the proposed framework are provided in Section 6.4, and Section 6.5 provides a discussion on the means to attain dependability and security.