Conference paper Open Access

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Imanol Mugarza; Irune Agirre; Irune Yarza; Fabrizio Lussiana; Stefania Botta

The raising connectivity of critical embedded systems makes them vulnerable to cyber-security attacks that compromise not only privacy but also safety. This results in intricate dependencies between functional safety and security, and higher demands to address both disciplines simultaneously. However, there are still many gaps on the common application of functional safety and cyber-security standards. Over-The-Air (OTA) software updates are a clear example of this challenge. While the installation of regular software upgrades is a crucial cyber-security practice to keep the system up-to-date with the latest security patches, they might involve high re-certification efforts and costs from a safety standpoint. In this paper, a safety and security concept for software updates on mixed-criticality systems is presented. Particularly, a combined safety and security risk assessment on an automotive use case is performed and risk mitigation measures proposed.

This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record is published in IEEE.
Files (3.1 MB)
Name Size
3.1 MB Download
All versions This version
Views 151151
Downloads 125125
Data volume 389.2 MB389.2 MB
Unique views 132132
Unique downloads 114114


Cite as