
A Lightweight Threat Analysis Approach Intertwining Safety and Security for the Automotive Domain

  • Conference paper
  • Published in: Computer Safety, Reliability, and Security (SAFECOMP 2017)

Abstract

The automotive industry relies increasingly on computer technology in its cars, which malicious attackers can exploit. Therefore, the Original Equipment Manufacturers (OEMs) have to adopt security engineering practices in their development efforts, in addition to their safety engineering efforts. In particular, information assets whose compromise can undermine safety have to be identified and protected. Assessing the safety relevance of specific information assets is best done by safety engineers, who, unfortunately, often lack the security expertise to do so. In this paper, we propose a technique for identifying information assets and protection goals that are relevant for safety. Our method is based on security guide-words, which allow a structured identification of possible attack scenarios. The method is similar to the Hazard and Operability Study (HAZOP) used in safety engineering to elicit possible faults. This similarity is intended to reduce the effort for non-security engineers to identify information assets and protection goals, and thereby to enable an exchange between the safety and security mindsets. Contrary to other proposed methods, we performed an evaluation of our technique to show its practical application. In our evaluation with a total of 30 employees of an automotive supplier and of the University of Applied Sciences in Karlsruhe, the results show that the non-security engineers achieved, on average, higher values for precision, productivity and sensitivity than the security control group.


Notes

  1. Note that these full-time employees are doing a PhD as well. In contrast to scholarship students, they do not work exclusively on their PhD.


Acknowledgements

We thank the anonymous reviewers for their inspiring comments. This work has been developed in the project SAFE ME ASAP (reference number: 03FH011IX5), which is partly funded by the German Federal Ministry of Education and Research (BMBF) within the research programme ICT 2020.

Author information

Correspondence to Jürgen Dürrwang, Kristian Beckers or Reiner Kriesten.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Dürrwang, J., Beckers, K., Kriesten, R. (2017). A Lightweight Threat Analysis Approach Intertwining Safety and Security for the Automotive Domain. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2017. Lecture Notes in Computer Science, vol 10488. Springer, Cham. https://doi.org/10.1007/978-3-319-66266-4_20

  • DOI: https://doi.org/10.1007/978-3-319-66266-4_20
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-66265-7
  • Online ISBN: 978-3-319-66266-4
