Collaborative Analysis Framework of Safety and Security for Autonomous Vehicles
Human error has been statistically proven to be the primary cause of road accidents. This is undoubtedly a contributory cause of the rising popularity of autonomous vehicles, as they are presumably able to maneuver appropriately and optimally on the roads while diminishing the likelihood of human error and its repercussions. However, autonomous vehicles are not ready for widespread adoption because their safety and security issues are yet to be thoroughly investigated and addressed. Little literature could be found on collaborative analysis of the safety and security of autonomous vehicles. This paper proposes a framework for analyzing both safety and security issues, which includes an integrated safety and security method (S&S) aligned with the international vehicle safety and security standards ISO 26262 and SAE J3061. The applicability of the proposed framework is demonstrated using an example of a typical autonomous vehicle model. Using this framework, one can clearly understand the vehicle functions, structure, the associated failures and attacks, and also see the vulnerabilities that are not yet addressed by countermeasures, which helps to improve in-vehicle safety and security from research and engineering perspectives.
A Novel System-Theoretic Matrix-Based Approach to Analysing Safety and Security of Cyber-Physical Systems
Cyber-Physical Systems (CPSs) are getting increasingly complex and interconnected. Consequently, their inherent safety risks and security risks are so intertwined that the conventional analysis approaches which address them separately may be rendered inadequate. STPA (Systems-Theoretic Process Analysis) is a top-down hazard analysis technique that has been incorporated into several recently proposed integrated Safety and Security (S&S) analysis methods. This paper presents a novel methodology that leverages not only STPA but also custom matrices to ensure a more comprehensive S&S analysis. The proposed methodology is demonstrated using a case study of a particular commercial cloud-based monitoring and control system for residential energy storage systems.
Understanding drivers' trust after software malfunctions and cyber intrusions of digital displays in an automated car
The aim of this paper is to examine the effect of explicit (i.e., ransomware) and silent (i.e., no turn signals) automation failures on drivers' reported levels of trust and perception of risk. In a driving simulator study, 38 participants rode in a conditionally automated vehicle in built-up areas and on motorways. They all experienced both failures. Not only did levels of trust decrease after experiencing the failures, especially after the explicit one, but some of the scores were also low. This could mean that cyber-attacks lead to distrust in automated driving, rather than merely decreasing levels of trust. Participants also seemed to differentiate connected driving from automated driving in terms of perception of risk. These results are discussed in the context of cyber intrusions as well as long- and short-term trust.
Integrated Attack Tree in Residual Risk Management Framework
Safety-critical cyber-physical systems (CPSs), such as high-tech cars with cyber capabilities, are highly interconnected. Automotive manufacturers are concerned about cyber attacks on vehicles that can lead to catastrophic consequences. There is a need for a new risk management approach to address and investigate cybersecurity risks. Risk management in the automotive domain is challenging due to technological improvements and advances every year. The current standard for automotive security is ISO/SAE 21434, which describes a framework that includes threats, associated risks, and risk treatment options such as risk reduction by applying appropriate defences. This paper presents a residual cybersecurity risk management framework aligned with the framework presented in ISO/SAE 21434. A methodology is proposed to develop an integrated attack tree that considers multiple sub-systems within the CPS. Integrating attack trees in this way will help the analyst to take a broad perspective on system security. Our previous approach utilises a flow graph to calculate the residual risk to a system before and after applying defences. This paper is an extension of that initial work. It defines the steps for applying the proposed framework and uses adaptive cruise control (ACC) and adaptive light control (ALC) to illustrate the applicability of our work. This work is evaluated by comparing it with the requirements of the risk management frameworks discussed in the literature. Currently, our methodology satisfies more than 75% of their requirements.
Challenges in aligning requirements engineering and verification in a large-scale industrial context
[Context and motivation] When developing software, coordination between different organizational units is essential in order to develop a good quality product, on time and within budget. In particular, the synchronization between requirements and verification processes is crucial in order to assure that the developed software product satisfies customer requirements. [Question/problem] Our research question is: what are the current challenges in aligning the requirements and verification processes? [Principal ideas/results] We conducted an interview study at a large software development company. This paper presents preliminary findings of these interviews that identify key challenges in aligning requirements and verification processes. [Contribution] The result of this study includes a range of challenges faced by the studied organization, grouped into the categories: organization and processes, people, tools, requirements process, testing process, change management, traceability, and measurement. The findings of this study can be used by practitioners as a basis for investigating alignment in their organizations, and by scientists in developing approaches for more efficient and effective management of the alignment between requirements and verification.
Comment: Requirements Engineering: Foundation for Software Quality: 16th International Working Conference, REFSQ 2010, Essen, Germany, June 30-July 2, 2010. Proceedings 16 (pp. 128-142). Springer Berlin Heidelberg
Challenges and Practices in Aligning Requirements with Verification and Validation: A Case Study of Six Companies
Weak alignment of requirements engineering (RE) with verification and validation (VV) may lead to problems in delivering the required products on time with the right quality. For example, weak communication of requirements changes to testers may result in a lack of verification of new requirements and incorrect verification of old, invalid requirements, leading to software quality problems, wasted effort and delays. However, despite the serious implications of weak alignment, research and practice both tend to focus on one or the other of RE or VV rather than on the alignment of the two. We have performed a multi-unit case study to gain insight into issues around aligning RE and VV by interviewing 30 practitioners from 6 software developing companies, involving 10 researchers in a flexible research process for case studies. The results describe current industry challenges and practices in aligning RE with VV, ranging from the quality of the individual RE and VV activities, through tracing and tools, to change control and sharing a common understanding at strategy, goal and design level. The study identified that human aspects are central, i.e. cooperation and communication, and that requirements engineering practices are a critical basis for alignment. Further, the size of an organisation and its motivation for applying alignment practices, e.g. external enforcement of traceability, are variation factors that play a key role in achieving alignment. Our results provide a strategic roadmap for practitioners' improvement work to address alignment challenges. Furthermore, the study provides a foundation for continued research to improve the alignment of RE with VV.