
Case Study

ICS Services:

Safety & Security – Integrated Development

Benefit from our experience

Avoid expensive and lengthy training programs and start on your project immediately. Deploy our engineers precisely in the project phases in which their knowledge is required. This makes it possible to support your project holistically under a single responsibility, from the first design to the finished system (process definition, concept creation, training and realisation).

Gain time in your projects by having our experts accompany the execution of an integrated safety/security process in your project landscape. Minimize the risk of project delays that can arise when a new safety/security process is integrated into your existing development environment. Our longstanding project experience with OEMs and Tier-1 suppliers helps to effectively manage functional safety (Safety) in accordance with ISO 26262 (Security plan/proof, audits, reviews and assessments).

Secure the position of the independent observer at the:

 

What is safety and security about?

Challenges of the networked vehicle

Today’s automobiles embed numerous electronic and electrical systems (E/E systems) to realize existing and new functions.
This includes basic functions such as lights and wipers, but also diagnostic interfaces, infotainment, driver assistance systems, e-mobility and mobile services, up to autonomous driving.

Malfunctions in these E/E systems that may lead to hazards for road users must be sufficiently reduced (Safety).

Today's E/E systems are connected via networks.
Cyberattacks that target these systems and beyond therefore violate the systems' security and the privacy of users, and may lead to operational and financial damage. These new challenges must be counteracted with sufficient care in the form of cyber protection (Security).

 

Safety and Security - Similarities and Differences

Is it possible to handle safety and security within a common process?

The challenge is that significant differences exist between the two disciplines, depending on the level of consideration:

| Level of consideration | Safety | Security |
| --- | --- | --- |
| System view | Technical system unintentionally harms humans/environment | Humans purposefully harm humans/environment |
| Danger assessment | Hazards are rated by statistics, experience values, knowledge about the system, its components and interactions | Threats are intended malicious activities and as such are difficult to predict |
| Goal | Safe state | Permanent IT security process |
| Risk analysis | Fault-Tree-Analysis | Attack-Tree-Analysis |
| Hardware failure | Random failures | Attacks from vulnerable locations |
| Goal of software validation | Proof of validity of software | Vulnerabilities of valid software |
| System integration test | Fault-Injection-Test | Penetration-Test |

Safety and Security: Similarities

However, with all these differences, similarities between safety and security can be discerned:

 

An integrated approach for both aspects

To derive an applicable process for safety and security, it is thus advisable to proceed in accordance with ISO 26262, using the item definition and starting with the risk analysis.