Supporting Cyber-Security Based on Hardware-Software Interface Definition

Georg Macher, Harald Sporer, Eugen Brenner, Christian Josef Kreiner

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem Konferenzband

Abstract

The automotive industry has an annual increase rate of software implemented functions of about 30 %. In the automotive domain the increasing complexity of systems became challenging with consumer demands for advanced driving assistance systems and automated driving functionalities, and the thus broadening societal sensitivity for security and safety concerns, such as remote control of cars by hacking their IT infrastructure.

As vehicle providers gear up for the cyber-security challenges, they can leverage experiences from many other domains, but nevertheless have to face several unique challenges. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems in close relation to ISO 26262. Although functional safety and cyber-security engineering have a considerable overlap regarding many facets, such as analysis methods and system function thinking, the definition of system borders (item definition vs. trust boundaries) often differs largely. Therefore, appropriate systematic approaches to support the identification of trust boundaries and attack vectors for the safety- and cybersecurity-relates aspects of complex automotive systems are essential. In the course of this paper, we analyze a method to identify attack vectors on complex systems via signal interfaces. We focus on a central development artifact of the ISO 26262 functional safety development process, the hardware-software interface (HSI), and propose an extension for the HSI to support the cyber-security engineering process.
Originalspracheenglisch
Titel23rd European Conference on Systems, Software and Services Process Improvement, EuroSPI 2016
Herausgeber (Verlag)Springer International Publishing AG
Seiten148
Seitenumfang159
DOIs
PublikationsstatusVeröffentlicht - 2016
Veranstaltung23rd European Conference on Systems, Software and Services Process Improvement: EuroSPI 2016 - Graz, Österreich
Dauer: 14 Sep 201616 Sep 2016

Konferenz

Konferenz23rd European Conference on Systems, Software and Services Process Improvement
LandÖsterreich
OrtGraz
Zeitraum14/09/1616/09/16

Fields of Expertise

  • Information, Communication & Computing
  • Mobility & Production

Fingerprint

Untersuchen Sie die Forschungsthemen von „Supporting Cyber-Security Based on Hardware-Software Interface Definition“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren