Modern control systems are becoming complex and interconnected as they are increasingly integrating new information and communication technologies. Many industries like automobile, aeronautics and energy are facing great challenges as their systems are becoming less isolated and vulnerable to external malevolence. Indeed, cyber-attacks targeting industrial infrastructures can engender heavy impacts on the safety of humans and environment. In this topical context, we propose a new model based approach: S-cube for SCADA Safety and Security joint modelling. This approach provides a risk analysis framework that enables to evaluate industrial information and control architectures. Starting from the system description, S-cube generates automatically the different attack and failure scenarios it is exposed to. This approach is illustrated on a use case for which qualitative and quantitative results are given.