A methodology for assuring the safety and security of critical infrastructure based on STPA and Event-B.