Integration of safety and cybersecurity analysis through combination of systems and reliability theory methods

Joaquim Castella Triginer, Helmut Martin, Bernhard Winkler, Nadja Christiane Marko

Publication: Conference contribution, paper, peer-reviewed


The development of requirements for automotive E/E (electrics/electronics) systems is becoming increasingly complex, since these systems are more and more interconnected and software intensive. In the automotive industry, there are two main international standards to accomplish safety and cybersecurity requirements: ISO 26262 for functional safety in E/E systems and SAE J3061 (ISO/SAE 21434 in elaboration) for cybersecurity engineering in cyber-physical vehicle systems. Safety and security are two interdependent properties of future automated driving systems that must ensure the protection of vehicles against unintended failures and intentional attacks. To optimize resources, it is necessary to find common properties to integrate functional safety and cybersecurity in a unified analysis. Furthermore, a holistic approach to safety and cybersecurity analysis is needed, based on systems theory, which addresses more types of hazards and threats and treats them as a problem of dynamic control rather than of individual component failure.

This paper presents the integration of safety and cybersecurity analysis through the combination of methods based on systems theory and reliability theory. It provides an overall, generic methodology to combine the functional safety and cybersecurity analyses in order to obtain a list of common requirements. The presented approach combines the systems theory methods STPA (Systems-Theoretic Process Analysis) and STPA-sec (STPA for Security) with the reliability theory methods HARA (Hazard Analysis and Risk Assessment) and TARA (Threat Analysis and Risk Assessment). The proposed approach is applied to an on-going project of a fully automated vehicle at Virtual Vehicle Research Center called SPIDER (Smart PhysIcal Demonstration and Evaluation Robot).

SPIDER is an omnidirectional robot car which can autonomously move along a predefined global path, with a self-developed mobile platform for the development and testing of autonomous driving functions. First results provide a proof of concept of applying the proposed approach to the remote communication module of SPIDER, obtaining the functional and technical safety and cybersecurity requirements.
Publication status: Submitted - 31 Jan 2020
Event: 10th European Congress Embedded Real Time Systems: ERTS 2020 - Toulouse, France
Duration: 29 Jan 2020 to 31 Jan 2020


Conference: 10th European Congress Embedded Real Time Systems
Short title: ERTS 2020

