Integration of safety and cybersecurity analysis through combination of systems and reliability theory methods

Joaquim Castella Triginer, Helmut Martin, Bernhard Winkler, Nadja Christiane Marko

    Research output: Contribution to conference (Paper, peer-review)

    Abstract

    The development of requirements for automotive E/E (electrics/electronics) systems is becoming increasingly complex since these systems are more and more interconnected and software intensive. In the automotive industry, there are two main international standards to accomplish safety and cybersecurity requirements: ISO 26262 for functional safety in E/E systems and SAE J3061 (ISO/SAE 21434 in elaboration) for cybersecurity engineering in cyber-physical vehicle systems. Safety and security are two interdependent properties of future automated driving systems that must ensure the protection of vehicles against unintended failures and intentional attacks. To optimize resources, it is necessary to find common properties to integrate functional safety and cybersecurity in a unified analysis. Furthermore, a holistic approach to safety and cybersecurity analysis is needed, based on systems theory, which addresses more types of hazards and threats, and treats them as a problem of dynamic control rather than individual component failure. This paper presents the integration of safety and cybersecurity analysis through the combination of methods based on systems theory and reliability theory. It provides an overall, generic methodology to combine the functional safety and cybersecurity analysis, to obtain a list of common requirements. The presented approach combines the systems theory methods STPA (Systems-Theoretic Process Analysis) and STPA-sec (STPA for Security) with the reliability theory methods HARA (Hazard Analysis and Risk Assessment) and TARA (Threat Analysis and Risk Assessment). The proposed approach is applied to an on-going project of a fully automated vehicle at Virtual Vehicle Research Center called SPIDER (Smart PhysIcal Demonstration and Evaluation Robot).
    SPIDER is an omnidirectional robot car, which can autonomously move along a predefined global path with a self-developed mobile platform for the development and testing of autonomous driving functions. First results provide a proof of concept on applying the proposed approach to the remote communication module of SPIDER, obtaining the functional and technical safety and cybersecurity requirements.
    Original language: English
    Publication status: Submitted - 31 Jan 2020
    Event: 10th European Congress Embedded Real Time Systems: ERTS 2020 - Toulouse, France
    Duration: 29 Jan 2020 to 31 Jan 2020
    https://www.erts2020.org/

    Conference

    Conference: 10th European Congress Embedded Real Time Systems
    Abbreviated title: ERTS 2020
    Country/Territory: France
    City: Toulouse
    Period: 29/01/20 to 31/01/20
    Internet address: https://www.erts2020.org/
