Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?

Georg Macher, Andreas Riel, Christian Josef Kreiner

Research output: Contribution to journalArticlepeer-review


With the increasing replacement of classical mechanical systems by safety-critical embedded systems, car manufacturers have raised the awareness of safety attributes and systemwide safety thinking, which culminated in the release of the ISO 26262 functional safety standard for road vehicles. In contrast to this, security topics have been seen as attacks of mechanical nature affecting single vehicles only (for example, door lock and immobilizer related). In recent years, in-vehicle networks, as well as networked vehicles, have enabled exciting new opportunities, such as advanced driver assistance systems, fleet management systems, and autonomous driving. This connectivity to the cyberphysical world drives the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but nevertheless must face several unique challenges. The recently published work-in-progress SAE J3061 guidebook for cyberphysical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cybersecurity threats and design cybersecurity aware systems. In this article, a review of a combined approach to a safety and security threat analysis method (SAHARA) and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. Therefore, this work examines the integration of HARA and TARA and how this fits in the ISO 26262 and SAE J3061 context.
Original languageEnglish
Pages (from-to)37-46
Number of pages10
JournalSoftware Quality Professional
Issue number4
Publication statusPublished - Sept 2016


  • cybersecurity
  • functional safety
  • ISO 26262
  • SAE J3061


Dive into the research topics of 'Integrating Automotive Hazard and Threat Analysis Methods: How Does This Fit with Assumptions of the SAE J3061?'. Together they form a unique fingerprint.

Cite this