Cybersecurity in the Context of Fail-Operational Systems

Abstract

<div class="section abstract"><div class="htmlview paragraph">The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy.</div><div class="htmlview paragraph">In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.</div><div class="htmlview paragraph">But the connectivity is accompanied by potential cyber security risks, eventually compromising a vehicles safety. Therefore, mitigating such risks by appropriate security measures is mandatory.</div><div class="htmlview paragraph">Unfortunately, the combination of functional safety and cyber security requirements aiming on the same target often contains a considerable potential for conflict, as they may be contradicting.</div><div class="htmlview paragraph">Especially in Fail-Operational systems, where system availability is a major safety goal, matching of both fields is quite a challenge. This paper depicts contradictions, raises related open question, offers possible answers and tries to encourage an industry-wide discussion of the stakeholders in the related fields.</div></div>