Supporting Cyber-Security Based on Hardware-Software Interface Definition

The automotive industry has an annual increase rate of software implemented functions of about 30 %. In the automotive domain the increasing complexity of systems became challenging with consumer demands for advanced driving assistance systems and automated driving functionalities, and the thus broadening societal sensitivity for security and safety concerns, such as remote control of cars by hacking their IT infrastructure.

As vehicle providers gear up for the cyber-security challenges, they can leverage experiences from many other domains, but nevertheless have to face several unique challenges. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems in close relation to ISO 26262. Although functional safety and cyber-security engineering have a considerable overlap regarding many facets, such as analysis methods and system function thinking, the definition of system borders (item definition vs. trust boundaries) often differs largely. Therefore, appropriate systematic approaches to support the identification of trust boundaries and attack vectors for the safety- and cybersecurity-relates aspects of complex automotive systems are essential. In the course of this paper, we analyze a method to identify attack vectors on complex systems via signal interfaces. We focus on a central development artifact of the ISO 26262 functional safety development process, the hardware-software interface (HSI), and propose an extension for the HSI to support the cyber-security engineering process.