Conference paper Open Access
Safety and Security Concept for Software Updates on Mixed-criticality Systems
Imanol Mugarza;
Irune Agirre;
Irune Yarza;
Fabrizio Lussiana;
Stefania Botta
The raising connectivity of critical embedded systems makes them vulnerable to cyber-security attacks that compromise not only privacy but also safety. This results in intricate dependencies between functional safety and security, and higher demands to address both disciplines simultaneously. However, there are still many gaps on the common application of functional safety and cyber-security standards. Over-The-Air (OTA) software updates are a clear example of this challenge. While the installation of regular software upgrades is a crucial cyber-security practice to keep the system up-to-date with the latest security patches, they might involve high re-certification efforts and costs from a safety standpoint. In this paper, a safety and security concept for software updates on mixed-criticality systems is presented. Particularly, a combined safety and security risk assessment on an automotive use case is performed and risk mitigation measures proposed.
| Name | Size | |
|---|---|---|
|
U2D_SASECONCEPT_ICSRS21_R045.pdf
md5:7847d07ed90adaf507e85c3479cb71cd |
3.1 MB | Download |
| All versions | This version | |
|---|---|---|
| Views | 151 | 151 |
| Downloads | 125 | 125 |
| Data volume | 389.2 MB | 389.2 MB |
| Unique views | 132 | 132 |
| Unique downloads | 114 | 114 |
- Publication date:
- November 24, 2021
- DOI:
-
- Keyword(s):
- software updates, safety, security, concept, risk assessment, risk treatment, mixed-criticality
- Grants:
-
European Commission:
- UP2DATE - Intelligent software-UPDATE technologies for safe and secure mixed-criticality and high performance cyber physical systems (871465)
- Meeting:
- International Conference on System Reliability and Safety (ICSRS21), Palermo, 24-26 November, 2021
- Communities:
- License (for files):
- Creative Commons Attribution 4.0 International