Complying with ISO 26262 and ISO/SAE 21434: A Safety and Security Co-Analysis Method for Intelligent Connected Vehicle

Yufeng Li, Wenqi Liu, Qi Liu, Xiangyu Zheng, Ke Sun, Chengjian Huang
DOI: https://doi.org/10.3390/s24061848
IF: 3.9
2024-03-14
Sensors
Abstract: A cyber-physical system (CPS) integrates communication and automation technologies into the operational processes of physical systems. Nowadays, as a complex CPS, an intelligent connected vehicle (ICV) may be exposed to accidental functional failures and malicious attacks. Therefore, ensuring the ICV's safety and security is crucial. Traditional safety/security analysis methods, such as failure mode and effect analysis and attack tree analysis, cannot provide a comprehensive analysis of the interactions between the system components of the ICV. In this work, we merge system-theoretic process analysis (STPA) with the concept phases of ISO 26262 and ISO/SAE 21434. We focus on the interactions between components while analyzing the safety and security of ICVs, to reduce redundant effort and inconsistencies in determining safety and security requirements. To overcome the abstractness of STPA in describing causal scenarios, we improve the physical component diagram of STPA-SafeSec by adding interface elements. In addition, we propose the loss scenario tree to describe the specific scenarios that lead to unsafe/insecure control actions. After hazard/threat analysis, a unified risk assessment process is proposed to ensure consistency in assessment criteria and to streamline the process. A case study on the autonomous emergency braking system is implemented to demonstrate the validity of the proposed method.
Subject categories: engineering, electrical & electronic; chemistry, analytical; instruments & instrumentation
What problem does this paper attempt to address?
The problem this paper attempts to address is the comprehensive analysis of functional safety and cybersecurity in Intelligent Connected Vehicles (ICV). With the development of vehicle intelligence and networking technology, ICVs not only face traditional functional failure risks but also potential cyber-attacks, which can similarly lead to safety incidents. Therefore, ensuring the safety and cybersecurity of ICVs has become crucial. Existing safety or security analysis methods, such as Failure Mode and Effects Analysis (FMEA) and Attack Tree Analysis (ATA), cannot comprehensively analyze the interactions between ICV system components, making it difficult to effectively identify and assess safety and cybersecurity risks. Additionally, traditional functional safety engineering methods and cybersecurity methods are usually conducted by different teams, which may lead to insufficient information sharing, differences in analysis methods, and a lack of comprehensive consideration of the interrelationship between safety and cybersecurity. To address these issues, the paper proposes a co-analysis method for safety and cybersecurity that complies with ISO 26262 and ISO/SAE 21434 standards. This method combines System-Theoretic Process Analysis (STPA) with the concept phase of ISO 26262 and the concept phase of ISO/SAE 21434, focusing on analyzing the interactions between system components to reduce redundant work and inconsistencies when determining safety and cybersecurity requirements. Specifically, the paper improves the physical component diagram of STPA by adding interface elements and proposes a loss scenario tree to describe specific scenarios leading to unsafe or insecure control actions. Additionally, the paper proposes a unified risk assessment process to ensure consistency in assessment standards and simplify the process. 
The effectiveness of the proposed method is validated through a case study, specifically the application of an autonomous emergency braking system. Overall, the paper aims to provide a method that can comprehensively identify and assess loss scenarios in ICV systems, thereby supporting the concept phase of the vehicle development process.
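To make the abstract's building blocks concrete, the following is an added illustration (not code from the paper or its authors) of how the pieces fit together in a tiny STPA-style co-analysis of an autonomous emergency braking (AEB) controller: the four standard STPA unsafe-control-action (UCA) types, a loss scenario tree whose leaves are causes attached to named interfaces (failures for the ISO 26262 view, attacks for the ISO/SAE 21434 view), and a single risk rating applied to both kinds of cause. The control actions, interfaces, cause descriptions, severity/likelihood scales and risk thresholds are all constructed for this example and are not the paper's method or the standards' tables.

```python
"""Illustrative STPA-style safety/security co-analysis of an AEB controller.

Added example, not the paper's code. Every control action, interface, cause,
scale and threshold below is a constructed assumption for illustration.
"""
from dataclasses import dataclass, field
from enum import Enum


class UCAType(Enum):
    """The four unsafe-control-action types used in standard STPA."""
    NOT_PROVIDED = "not provided when needed"
    PROVIDED_UNSAFE = "provided when unsafe"
    WRONG_TIMING = "provided too early or too late"
    WRONG_DURATION = "stopped too soon or applied too long"


@dataclass(frozen=True)
class Cause:
    """Leaf of a loss scenario tree: one causal factor on one interface.

    kind is 'failure' (functional-safety view) or 'attack' (cybersecurity view).
    severity is 0..3 (impact of the loss); likelihood is 1..4 (accidental rate
    for failures, attack feasibility for attacks). Both scales are constructed.
    """
    kind: str
    interface: str
    description: str
    severity: int
    likelihood: int


@dataclass
class LossScenario:
    """Node of the loss scenario tree: one UCA with causes grouped per interface."""
    control_action: str
    uca_type: UCAType
    causes: list = field(default_factory=list)

    def by_interface(self) -> dict:
        """Group causes by the interface element they act on."""
        groups: dict = {}
        for cause in self.causes:
            groups.setdefault(cause.interface, []).append(cause)
        return groups


def derive_ucas(control_action: str) -> list:
    """Enumerate one (initially empty) loss scenario per UCA type."""
    return [LossScenario(control_action, t) for t in UCAType]


def unified_risk(severity: int, likelihood: int) -> str:
    """Single risk rating shared by failure and attack causes (constructed thresholds)."""
    if severity == 0:
        return "negligible"
    score = severity * likelihood
    if score >= 9:
        return "high"
    if score >= 4:
        return "medium"
    return "low"


def assess(scenario: LossScenario) -> dict:
    """Worst-case risk per interface, plus which cause kind drives it.

    The driving kind tells the analyst whether the resulting requirement is
    primarily a safety requirement or a cybersecurity requirement.
    """
    result = {}
    for iface, causes in scenario.by_interface().items():
        worst = max(causes, key=lambda c: c.severity * c.likelihood)
        result[iface] = (unified_risk(worst.severity, worst.likelihood), worst.kind)
    return result


def aeb_example() -> LossScenario:
    """Constructed AEB scenario: braking not provided although an obstacle is ahead."""
    scenario = derive_ucas("apply emergency braking")[0]  # UCAType.NOT_PROVIDED
    scenario.causes += [
        Cause("failure", "radar->AEB ECU (CAN)", "radar frame lost under bus overload", 3, 2),
        Cause("attack", "radar->AEB ECU (CAN)", "spoofed 'no obstacle' frame on CAN", 3, 3),
        Cause("failure", "AEB ECU->brake actuator", "actuator command stuck at zero", 3, 1),
        Cause("attack", "diagnostic port", "AEB disabled via unauthenticated session", 3, 2),
    ]
    return scenario


if __name__ == "__main__":
    for iface, (risk, kind) in assess(aeb_example()).items():
        print(f"{iface}: {risk} (driven by {kind})")
```

Running the module prints one line per interface of the constructed AEB scenario; the same interface (the CAN link from the radar to the AEB ECU) carries both a failure cause and an attack cause, and rating both on one scale is what lets a single team decide which requirement, safety or security, has to be written first.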