Case study on combined validation of safety &amp;amp; security requirements

Sójka, Michał; Krec, Michal; Hanzálek, Zdeněk

doi:10.1109/sies.2014.6871210

Cited by 9 publications

(9 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Larson et al (2013), the authors propose a security / safety classification of the ECUs of a vehicle. Sojka et al (2014) tested and validated an AUTOSAR module prototype. The attacks did not then have any major consequences on the module but they highlight not to study these requirements independently.…”

Section: Interests and Possibilitiesmentioning

confidence: 99%

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Boyer¹,

Chelim²,

Sobieraj³

2021

Proceedings of the 31st European Safety and Reliability Conference (ESREL 2021)

View full text Add to dashboard Cite

More and more ground transports are being used (vehicles, trucks, buses, taxis. . . ) and they remain one of the most dangerous means of transport in the world. However, vehicles are increasingly connected and autonomous with the aim of making travel safer, cleaner and more efficient. They are now able to share and communicate information between themselves and their environment in real time, helping to reduce accidents, traffic congestion and greenhouse gas emissions. These vehicles are Cyber-Physical Systems (CPS), i.e. systems made up of mechanisms that capable of controlling physical entities. In order to guarantee the robustness of such systems, they must meet two main criteria: safety and security. However, safety and security are currently dealt with independently. The reasons for this are both historical and normative. One idea is therefore to combine these two criteria in order to obtain the most robust vehicle possible. In this article, we propose to highlight recent advances in the combined study of safety and security, focused on the autonomous vehicle. To do this, we have carried out a preliminary analysis of the existing situation and a cartographic study listing the articles dealing with this combination. Various qualitative and quantitative analyses of the existing situation are present in the literature, generally focused on CPS. Then, based on this study, we grouped the articles according to two categories: those highlighting the interests and possibilities of such a combination and those presenting hybrid methods in detail.

show abstract

Section: Interests and Possibilitiesmentioning

confidence: 99%

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Boyer¹,

Chelim²,

Sobieraj³

2021

Proceedings of the 31st European Safety and Reliability Conference (ESREL 2021)

View full text Add to dashboard Cite

show abstract

“…To validate the security of in-vehicle networks, [Sojka et al 2014] propose a combined evaluation of safety and security requirements of an AUTomotive Open System ARchitecture (AUTOSAR) architecture. In [Mundhenk et al 2015b], probabilistic model-checking is used to evaluate the security of an automotive architecture, based on standard security assessment methods.…”

Section: Intrusion Detection Network Analysis and Verificationmentioning

confidence: 99%

Security in Automotive Networks

Mundhenk¹,

Paverd

Mrowca³

et al. 2017

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

With the increasing amount of interconnections between vehicles, the attack surface of internal vehicle networks is rising steeply. Although these networks are shielded against external attacks, they often do not have any internal security to protect against malicious components or adversaries who can breach the network perimeter. To secure the in-vehicle network, all communicating components must be authenticated, and only authorized components should be allowed to send and receive messages. This is achieved through the use of an authentication framework. Cryptography is widely used to authenticate communicating parties and provide secure communication channels (e.g. Internet communication). However, the real-time performance requirements of in-vehicle networks restrict the types of cryptographic algorithms and protocols that may be used. In particular, asymmetric cryptography is computationally infeasible during vehicle operation.In this work, we address the challenges of designing authentication protocols for automotive systems. We present Lightweight Authentication for Secure Automotive Networks (LASAN), a full life-cycle authentication approach. We describe the core LASAN protocols and show how they protect the internal vehicle network while complying with the real-time constraints and low computational resources of this domain. By leveraging on the fixed structure of automotive networks, we minimize bandwidth and computation requirements. Unlike previous work, we also explain how this framework can be integrated into all aspects of the automotive product life cycle, including manufacturing, vehicle maintenance and software updates. We evaluate LASAN in two different ways: Firstly, we analyze the security properties of the protocols using established protocol verification techniques based on formal methods. Secondly, we evaluate the timing requirements of LASAN and compare these to other frameworks using a new highly modular discrete event simulator for in-vehicle networks, which we have developed for this evaluation. CCS Concepts: •Computer systems organization → Embedded and cyber-physical systems; •Security and privacy → Network security; •Networks → Network protocol design; ACM Reference Format: P. Mundhenk et al.or even impossible, to reliably control all entry points into the vehicle or shield the vehicular network with firewalls. Hence, it is important that, besides the external access points, communication within a vehicle is secured. This does not only hold if the external protections are breached, but also for targeted attacks, e.g., via the internal On-Board Diagnosis (OBD) port, the infotainment system or the telematics unit. With the introduction of networked comfort and entertainment functions, as well as Advanced Driver Assistance Systems (ADASs), vehicles are more readily connected to external networks, such as car-to-x networks and the Internet. This trend towards interconnectivity continues in the vehicle interior. Increasingly, passengers and drivers connect smartphones and other mobile de...

show abstract

“…Gashi et al [6] pointed out "security for safety" which prevents an adversary from harming safety, but it was mentioned that there is a trade-off between safety and confidentiality. For automotive systems, Sojka et al [29] focused on testing and validation of safety and security properties and showed that combining safety and security has some benefits. Softwarein-the-loop and hardware-in-the-loop simulations were applied to safety and security validations.…”

Section: Introductionmentioning

confidence: 99%

Invited - Cooperation or competition?

Lin¹,

Yu²

2016

Proceedings of the 53rd Annual Design Automation Conference

View full text Add to dashboard Cite

Safety is traditionally the most relevant property for automotive systems, and it is further enhanced by Advanced Driver Assistance Systems (ADAS) in modern automotive systems. To support ADAS and other advanced autonomous functions, automotive electronic systems become more distributed and connected than ever, with in-vehicle architecture or Vehicle-to-X (V2X) communication. These connections create a variety of interfaces which become breeding grounds for security attacks. Accordingly, security becomes a rising issue for automotive systems. In this paper, we address safety and security together, especially their interactions, in Ethernet-based automotive networks which are believed to be the next-generation automotive networks since they are able to provide high bandwidths, certain timing guarantees, and well-developed technologies. We discuss the interactions between safety and security in three problems: secret key management, frame replication and elimination, and Virtual Local Area Network (VLAN) segmentation. We demonstrate that safety and security can work together, but sometimes there is a trade-off between them. This indicates that safety cannot stand alone without considering security, and network security is a necessary component of system security. Towards safer and securer automotive systems, safety and security should be considered together during design stages of automotive systems.

show abstract

Case study on combined validation of safety & security requirements

Cited by 9 publications

References 3 publications

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Hybridization of Safety and Security for the Design and Validation of Autonomous Vehicles: Where Are We?

Security in Automotive Networks

Invited - Cooperation or competition?

Contact Info

Product

Resources

About