Conference paper Open Access

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Imanol Mugarza; Irune Agirre; Irune Yarza; Fabrizio Lussiana; Stefania Botta

The rising connectivity of critical embedded systems makes them vulnerable to cyber-security attacks that compromise not only privacy but also safety. This results in intricate dependencies between functional safety and security, and higher demands to address both disciplines simultaneously. However, there are still many gaps in the common application of functional safety and cyber-security standards. Over-The-Air (OTA) software updates are a clear example of this challenge. While the installation of regular software upgrades is a crucial cyber-security practice to keep the system up-to-date with the latest security patches, they might involve high re-certification efforts and costs from a safety standpoint. In this paper, a safety and security concept for software updates on mixed-criticality systems is presented. In particular, a combined safety and security risk assessment on an automotive use case is performed and risk mitigation measures are proposed.

This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record is published in IEEE.
Files (3.1 MB)
U2D_SASECONCEPT_ICSRS21_R045.pdf (3.1 MB), md5:7847d07ed90adaf507e85c3479cb71cd