Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?

Christian Josef Kreiner, Georg Macher, Andreas Riel

Publication: Contribution to a journal › Article › Research › Peer-reviewed

Abstract

With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and system-wide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of a mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity-aware systems. In this article, a review of a combined safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding the threat analysis and risk assessment method (TARA) is given. This work therefore examines the integration of HARA and TARA and how this fits into the ISO 26262 and SAE J3061 context.
Original language: English
Pages (from - to): 37-46
Number of pages: 10
Journal: Software quality professional
Volume: 18
Issue number: 4
Publication status: Published - Sep 2016

Fingerprint

Hazards
Risk assessment
Advanced driver assistance systems
Architectural design
Automotive industry
Embedded systems
Gears
Information systems
Railroad cars

Keywords

Cite this

    Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061? / Kreiner, Christian Josef; Macher, Georg; Riel, Andreas.

In: Software quality professional, Vol. 18, No. 4, 09.2016, pp. 37-46.

Publication: Contribution to a journal › Article › Research › Peer-reviewed

Kreiner, Christian Josef ; Macher, Georg ; Riel, Andreas. / Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?. In: Software quality professional. 2016 ; Vol. 18, No. 4. pp. 37-46.
@article{a56e3de7f2b2496bb1c02c1b0c0e5312,
  title = "Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?",
  abstract = "With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and systemwide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity aware systems. In this article, a review of a combined approach to a safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. Therefore, this work examines the integration of HARA and TARA and how this fits in the ISO 26262 and SAE J3061 context.",
  keywords = "cybersecurity, functional safety, ISO 26262, SAE J3061",
  author = "Kreiner, {Christian Josef} and Georg Macher and Andreas Riel",
  year = "2016",
  month = "9",
  language = "English",
  volume = "18",
  pages = "37--46",
  journal = "Software quality professional",
  issn = "1522-0540",
  number = "4"
}

TY  - JOUR
T1  - Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?
AU  - Kreiner, Christian Josef
AU  - Macher, Georg
AU  - Riel, Andreas
PY  - 2016/9
Y1  - 2016/9
N2  - With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and systemwide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity aware systems. In this article, a review of a combined approach to a safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. Therefore, this work examines the integration of HARA and TARA and how this fits in the ISO 26262 and SAE J3061 context.
AB  - With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and systemwide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity aware systems. In this article, a review of a combined approach to a safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. Therefore, this work examines the integration of HARA and TARA and how this fits in the ISO 26262 and SAE J3061 context.
KW  - cybersecurity
KW  - functional safety
KW  - ISO 26262
KW  - SAE J3061
M3  - Article
VL  - 18
SP  - 37
EP  - 46
JO  - Software quality professional
JF  - Software quality professional
SN  - 1522-0540
IS  - 4
ER  -