Signal-Layer Security and Trust-Boundary Identification based on Hardware-Software Interface Definition

Georg Macher, Harald Sporer, Eugen Brenner, Christian Josef Kreiner

Research output: Contribution to journal, Article, Research, peer-review

Abstract

An important trend in the automotive domain is to adapt established functional safety processes and methods for security engineering. Although functional safety and cyber-security engineering overlap considerably, the trend of adapting methods from one domain to the other is often challenged by non-domain experts. Just as safety became a critical part of development in the late 20th century, modern vehicles are now required to become resilient against cyber-attacks. As vehicle providers gear up for this challenge, they can capitalize on experiences from many other domains, but must also face several unique challenges. One such challenge is that cyber-security engineering will now join reliability and safety as a cornerstone for success in the automotive industry, and its approaches need to be integrated into the mainly safety-oriented development lifecycle of the domain. The recently released SAE J3061 guidebook for cyber-physical vehicle systems focuses on designing cyber-security-aware systems in close relation to the automotive safety standard ISO 26262. The key contribution of this paper is to analyse a method to identify attack vectors on complex automotive systems via signal interfaces and to propose a security classification scheme and protection mechanisms on the signal layer. To that aim, the hardware-software interface (HSI), a central development artefact of the ISO 26262 functional safety development process, is used and extended to support the cyber-security engineering process and provide cyber-security countermeasures on the signal layer.
Language: English
Pages: 1-9
Number of pages: 9
Journal: Journal of Ubiquitous Systems & Pervasive Networks
Volume: 10
Issue number: 1
DOI: 10.5383/JUSPN.10.01.001
Status: Published - 2018

Keywords

  • automotive systems
  • hardware-software interface
  • cyber-security
  • functional safety

Cite this

Signal-Layer Security and Trust-Boundary Identification based on Hardware-Software Interface Definition. / Macher, Georg; Sporer, Harald; Brenner, Eugen; Kreiner, Christian Josef.

In: Journal of Ubiquitous Systems & Pervasive Networks, Vol. 10, No. 1, 2018, p. 1-9.

@article{bd570610d0554b9e9a1f24469f6353a4,
title = "Signal-Layer Security and Trust-Boundary Identification based on Hardware-Software Interface Definition",
abstract = "An important trend in the automotive domain is to adapt established functional safety processes and methods for security engineering. Although functional safety and cyber-security engineering have a considerable overlap, the trend of adapting methods from one domain to the other is often challenged by non-domain experts. Just as safety became a critical part of the development in the late 20th century, modern vehicles are now required to become resilient against cyber-attacks. As vehicle providers gear up for this challenge, they can capitalize on experiences from many other domains, but must also face several unique challenges. Such as, that cyber-security engineering will now join reliability and safety as a cornerstone for success in the automotive industry and approaches need to be integrated into the mainly safety oriented development lifecycle of the domain. The recently released SAE J3061 guidebook for cyber-physical vehicle systems focus on designing cyber-security aware systems in close relation to the automotive safety standard ISO 26262. The key contribution of this paper is to analyse a method to identify attack vectors on complex automotive systems via signal interfaces and propose a security classification scheme and protection mechanisms on signal layer. To that aim, the hardware-software interface (HSI), a central development artefact of the ISO 26262 functional safety development process, is used and extended to support the cyber-security engineering process and provide cyber-security countermeasures on signal layer.",
keywords = "automotive systems, hardware-software interface, cyber-security, functional safety",
author = "Georg Macher and Harald Sporer and Eugen Brenner and Kreiner, {Christian Josef}",
year = "2018",
doi = "10.5383/JUSPN.10.01.001",
language = "English",
volume = "10",
pages = "1--9",
journal = "Journal of Ubiquitous Systems \& Pervasive Networks",
issn = "1923-7332",
publisher = "International Association for Sharing Knowledge \& Sustainability",
number = "1",
}

TY - JOUR
T1 - Signal-Layer Security and Trust-Boundary Identification based on Hardware-Software Interface Definition
AU - Macher, Georg
AU - Sporer, Harald
AU - Brenner, Eugen
AU - Kreiner, Christian Josef
PY - 2018
Y1 - 2018
N2 - An important trend in the automotive domain is to adapt established functional safety processes and methods for security engineering. Although functional safety and cyber-security engineering have a considerable overlap, the trend of adapting methods from one domain to the other is often challenged by non-domain experts. Just as safety became a critical part of the development in the late 20th century, modern vehicles are now required to become resilient against cyber-attacks. As vehicle providers gear up for this challenge, they can capitalize on experiences from many other domains, but must also face several unique challenges. Such as, that cyber-security engineering will now join reliability and safety as a cornerstone for success in the automotive industry and approaches need to be integrated into the mainly safety oriented development lifecycle of the domain. The recently released SAE J3061 guidebook for cyber-physical vehicle systems focus on designing cyber-security aware systems in close relation to the automotive safety standard ISO 26262. The key contribution of this paper is to analyse a method to identify attack vectors on complex automotive systems via signal interfaces and propose a security classification scheme and protection mechanisms on signal layer. To that aim, the hardware-software interface (HSI), a central development artefact of the ISO 26262 functional safety development process, is used and extended to support the cyber-security engineering process and provide cyber-security countermeasures on signal layer.

AB - An important trend in the automotive domain is to adapt established functional safety processes and methods for security engineering. Although functional safety and cyber-security engineering have a considerable overlap, the trend of adapting methods from one domain to the other is often challenged by non-domain experts. Just as safety became a critical part of the development in the late 20th century, modern vehicles are now required to become resilient against cyber-attacks. As vehicle providers gear up for this challenge, they can capitalize on experiences from many other domains, but must also face several unique challenges. Such as, that cyber-security engineering will now join reliability and safety as a cornerstone for success in the automotive industry and approaches need to be integrated into the mainly safety oriented development lifecycle of the domain. The recently released SAE J3061 guidebook for cyber-physical vehicle systems focus on designing cyber-security aware systems in close relation to the automotive safety standard ISO 26262. The key contribution of this paper is to analyse a method to identify attack vectors on complex automotive systems via signal interfaces and propose a security classification scheme and protection mechanisms on signal layer. To that aim, the hardware-software interface (HSI), a central development artefact of the ISO 26262 functional safety development process, is used and extended to support the cyber-security engineering process and provide cyber-security countermeasures on signal layer.

KW - automotive systems
KW - hardware-software interface
KW - cyber-security
KW - functional safety
U2 - 10.5383/JUSPN.10.01.001
DO - 10.5383/JUSPN.10.01.001
M3 - Article
VL - 10
SP - 1
EP - 9
JO - Journal of Ubiquitous Systems & Pervasive Networks
T2 - Journal of Ubiquitous Systems & Pervasive Networks
JF - Journal of Ubiquitous Systems & Pervasive Networks
SN - 1923-7332
IS - 1
ER -