Integrated Analysis of Safety and Security Hazards in Automotive Systems

Rhea Rinaldo, Dieter Hutter

In: Sokratis K. Katsikas, Frederic Cuppens (Hrsg.). ESORICS 2020 workshops CyberICPS, SECPRE, ADIoT. International Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems (CyberICPS-2020) befindet sich ESORICS 2020 September 14-18 online United Kingdom Lecture Notes in Computer Science (LNCS) 12501 Springer 11/2020.


Safety has always been a primary concern in automotive development, but with the growing connectivity requirements due to the increasing demand for autonomous features, security concerns are rising dramatically. Safety and security are partly intertwined, as faults and incidents with one may adversely affect the other. Consequently, evaluating both properties separately is illusive in general, yet still widely adopted in automotive development. In this paper we introduce an approach to analyze the interaction of the various components in a vehicle with respect to possible safety and security hazards based on the weaknesses of these individual components. We introduce the notion of a dependency graph to specify the interrelation of the components and provide an automated mechanism to transfer these specifications to Markov Decision Processes, which allow us to automatically analyze such systems by using probabilistic model checkers. We describe our approach by means of a simple vehicle example and present parts of its automatic analysis.


Deutsches Forschungszentrum für Künstliche Intelligenz
German Research Center for Artificial Intelligence