Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?

Christian Josef Kreiner, Georg Macher, Andreas Riel

Research output: Contribution to journal / Article / Research / peer-review

Abstract

With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and system-wide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of a mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyber-physical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity-aware systems. In this article, a review is given of a combined safety and security threat analysis method (SAHARA) and of the recommendations of the SAE J3061 guidebook regarding the threat analysis and risk assessment (TARA) method. This work therefore examines the integration of HARA and TARA and how it fits in the ISO 26262 and SAE J3061 context.
Language: English
Pages: 37-46
Number of pages: 10
Journal: Software quality professional
Volume: 18
Issue number: 4
Status: Published - Sep 2016


Keywords

  • cybersecurity
  • functional safety
  • ISO 26262
  • SAE J3061

Cite this

Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061? / Kreiner, Christian Josef; Macher, Georg; Riel, Andreas.

In: Software quality professional, Vol. 18, No. 4, 09.2016, p. 37-46.


Kreiner, Christian Josef; Macher, Georg; Riel, Andreas. Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061? In: Software quality professional. 2016; Vol. 18, No. 4. pp. 37-46.
@article{a56e3de7f2b2496bb1c02c1b0c0e5312,
title = "Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?",
abstract = "With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and systemwide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity aware systems. In this article, a review of a combined approach to a safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. Therefore, this work examines the integration of HARA and TARA and how this fits in the ISO 26262 and SAE J3061 context.",
keywords = "cybersecurity, functional safety, ISO 26262, SAE J3061",
author = "Kreiner, {Christian Josef} and Georg Macher and Andreas Riel",
year = "2016",
month = "9",
language = "English",
volume = "18",
pages = "37--46",
journal = "Software quality professional",
issn = "1522-0540",
number = "4",
}
