DOI: 10.1145/2732198.2732204
Research article

A Case Study of FMVEA and CHASSIS as Safety and Security Co-Analysis Method for Automotive Cyber-physical Systems

Published: 14 April 2015

Abstract

The increasing integration of computational components and physical systems creates cyber-physical systems, which provide new capabilities and possibilities for humans to control and interact with physical machines. However, the correlation of events in cyberspace and the physical world also poses new safety and security challenges. This calls for holistic approaches to safety and security analysis that identify safety failures and security threats and give a better understanding of their interplay. This paper presents the application of two promising methods, Failure Mode, Vulnerabilities and Effects Analysis (FMVEA) and Combined Harm Assessment of Safety and Security for Information Systems (CHASSIS), to a case study of safety and security co-analysis of cyber-physical systems in the automotive domain. We compare the two methods, discuss their applicability, and identify future research needs.



Published In

CPSS '15: Proceedings of the 1st ACM Workshop on Cyber-Physical System Security
April 2015, 116 pages
ISBN: 9781450334488
DOI: 10.1145/2732198

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. automotive
  2. cyber-physical system
  3. safety and security co-analysis
  4. systems engineering

Qualifiers

  • Research-article

Funding Sources

  • EU ARTEMIS EMC2
  • Austrian Research Promotion Agency (FFG)

Conference

ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security
April 14 - March 14, 2015
Singapore, Republic of Singapore

Acceptance Rates

CPSS '15 Paper Acceptance Rate 9 of 26 submissions, 35%;
Overall Acceptance Rate 43 of 135 submissions, 32%

Article Metrics

  • Downloads (Last 12 months)63
  • Downloads (Last 6 weeks)8
Reflects downloads up to 09 Nov 2024

Cited By
  • (2024) Cybersecurity risk assessment of a marine dual-fuel engine on inland waterways ship. Proceedings of the Institution of Mechanical Engineers, Part M: Journal of Engineering for the Maritime Environment. DOI: 10.1177/14750902241265173. Online publication date: 28 Jul 2024.
  • (2024) Approach to the digital world with a security perspective through an agile lens. 2024 IEEE 22nd World Symposium on Applied Machine Intelligence and Informatics (SAMI), pp. 000089-000094. DOI: 10.1109/SAMI60510.2024.10432842. Online publication date: 25 Jan 2024.
  • (2024) A Novel Scalable Hybrid Threat Analysis and Risk Assessment Engine for an Automotive Subsystem. 2024 IEEE International Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI), pp. 1-6. DOI: 10.1109/IATMSI60426.2024.10503203. Online publication date: 14 Mar 2024.
  • (2024) A Demonstration of MBSEsec Applied to Securing Cyber-Physical System Communications. 2024 IEEE Aerospace Conference, pp. 1-13. DOI: 10.1109/AERO58975.2024.10521100. Online publication date: 2 Mar 2024.
  • (2024) A simulation framework for automotive cybersecurity risk assessment. Simulation Modelling Practice and Theory, article 103005. DOI: 10.1016/j.simpat.2024.103005. Online publication date: Jul 2024.
  • (2023) Integrated safety and security enhancement of connected automated vehicles using DHR architecture. Security and Safety, vol. 2, article 2022009. DOI: 10.1051/sands/2022009. Online publication date: 27 Jan 2023.
  • (2023) A multidisciplinary detection system for cyber attacks on Powertrain Cyber Physical Systems. Future Generation Computer Systems, vol. 144:C, pp. 151-164. DOI: 10.1016/j.future.2023.02.019. Online publication date: 1 Jul 2023.
  • (2023) A Case Study in the Application of STPA-sec and CHASSIS for Socio-Technical Cyber Security Risk Management in Health Care from Developing Nations. Intelligent Sustainable Systems, pp. 383-390. DOI: 10.1007/978-981-19-7660-5_33. Online publication date: 1 Jan 2023.
  • (2023) Safety and security risks management process for cyber-physical systems. Journal of Software: Evolution and Process, vol. 35, no. 7. DOI: 10.1002/smr.2482. Online publication date: 2 Jul 2023.
  • (2023) Model-driven engineering of safety and security software systems. Journal of Software: Evolution and Process, vol. 35, no. 7. DOI: 10.1002/smr.2457. Online publication date: 2 Jul 2023.
