Towards a Framework for Alignment Between Automotive Safety and Security Standards

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 9338)

Abstract

Modern automotive systems increasingly rely on software and network connectivity for new functions and features. Security of the software and communications of the on-board system of systems becomes a critical concern for the safety of new-generation vehicles. Besides methods and tools, the safety and security of automotive systems require frameworks of standards for holistic process and assurance. As part of our ongoing work, this paper investigates the possibility of a combined safety and security approach to standards in the automotive domain. We examine existing approaches in the railway and avionics domains, which face similar challenges, and identify specific requirements for the automotive domain. We evaluate ISO 15408 as a potential candidate for a combined safety and security approach to complement the automotive safety standard ISO 26262, and discuss their points of alignment.

Notes

  1. A work product is the result of an activity related to a requirement.

Acknowledgments

This research has received funding from the EU ARTEMIS Joint Undertaking under grant agreements no. 621429 / 332987 (EMC2 / Arrowhead) and from the FFG (Austrian Research Promotion Agency) on behalf of BMVIT, The Federal Ministry of Transport, Innovation and Technology.

Author information

Corresponding author

Correspondence to Christoph Schmittner.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Schmittner, C., Ma, Z. (2015). Towards a Framework for Alignment Between Automotive Safety and Security Standards. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 9338. Springer, Cham. https://doi.org/10.1007/978-3-319-24249-1_12

  • DOI: https://doi.org/10.1007/978-3-319-24249-1_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24248-4

  • Online ISBN: 978-3-319-24249-1

  • eBook Packages: Computer Science, Computer Science (R0)
