Co-engineering of Safety and Security Life Cycles for Engineering of Automotive Systems-Reference-Cited by-同舟云学术

Co-engineering of Safety and Security Life Cycles for Engineering of Automotive Systems

Published:2020-04-16 Issue:2 Volume:39 Page:41-48
ISSN:1094-3641
Container-title:ACM SIGAda Ada Letters
language:en
Short-container-title:Ada Lett.

Author:

Bramberger Robert¹,Martin Helmut¹,Gallina Barbara²,Schmittner Christoph³

Affiliation:

1. Virtual Vehicle Research GmbH, Graz, Austria

2. Mälardalen University, Västerås, Sweden

3. AIT Austrian Institute of Technology GmbH, Vienna, Austria

Abstract

Nowadays systems are becoming more and more connected. Consequently, the co-engineering of (cyber)security and safety life cycles becomes paramount. Currently, no standard provides a structured co-engineering process to facilitate the communication between safety and security engineers. In this paper, we propose a process for co-engineering safety and security by the explicit systematization and management of commonalities and variabilities, implicitly stated in the requirements of the different standards. Our process treats the safety and security life cycles as members of a security-informed safety-oriented process line and so it forces safety and security engineers to come together and brainstorm on what might be considered a commonality and what might be considered a variability. We illustrate the usage of our process by systematizing commonalities and variabilities at risk analysis phase in the context of ISO 26262 and SAE J3061. We then draw lessons learnt. Finally, we sketch some directions for future work.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3394514.3394519

Reference33 articles.

1. AMASS (Architecture-driven Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) Project (online) https://www.amass-ecsel.eu. AMASS (Architecture-driven Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) Project (online) https://www.amass-ecsel.eu.

2. AMASS Project: Deliverables (online) https://www.amassecsel. eu/content/deliverables. AMASS Project: Deliverables (online) https://www.amassecsel. eu/content/deliverables.

3. ENISA (European Network and Information Security Agency) ENISA good practices for security of Smart Cars https://www.enisa.europa.eu/publications/enisa-goodpractices- for-security-of-smart-cars. ENISA (European Network and Information Security Agency) ENISA good practices for security of Smart Cars https://www.enisa.europa.eu/publications/enisa-goodpractices- for-security-of-smart-cars.

4. EVITA project https://www.evita-project.org. EVITA project https://www.evita-project.org.

Cited by 11 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Managing security evidence in safety-critical organizations;Journal of Systems and Software;2024-08

2. A Practitioners Perspective on Addressing Cyber Security and Variability Challenges in Modern Automotive Systems;Proceedings of the 18th International Working Conference on Variability Modelling of Software-Intensive Systems;2024-02-07

3. A Knowledge Management Strategy for Seamless Compliance with the Machinery Regulation;Communications in Computer and Information Science;2023

4. Conflict Analysis and Resolution of Safety and Security Boundary Conditions for Industrial Control Systems;2022 6th International Conference on System Reliability and Safety (ICSRS);2022-11-23

5. Security by Design Integration Mechanisms for Industrial Control Systems;IECON 2022 – 48th Annual Conference of the IEEE Industrial Electronics Society;2022-10-17