Abstract
Systems are becoming ever more connected, so the co-engineering of (cyber)security and safety life cycles becomes paramount. Currently, no standard provides a structured co-engineering process that facilitates communication between safety and security engineers. In this paper, we propose a process for co-engineering safety and security through the explicit systematization and management of the commonalities and variabilities that are stated only implicitly in the requirements of the different standards. Our process treats the safety and security life cycles as members of a security-informed safety-oriented process line, which forces safety and security engineers to come together and decide jointly what should be considered a commonality and what should be considered a variability. We illustrate the usage of our process by systematizing commonalities and variabilities at the risk analysis phase in the context of ISO 26262 and SAE J3061. We then draw lessons learnt. Finally, we sketch some directions for future work.