Supporting Cyber-Security Based on Hardware-Software Interface Definition

Georg Macher, Harald Sporer, Eugen Brenner, Christian Josef Kreiner

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


The automotive industry has an annual increase rate of software implemented functions of about 30 %. In the automotive domain the increasing complexity of systems became challenging with consumer demands for advanced driving assistance systems and automated driving functionalities, and the thus broadening societal sensitivity for security and safety concerns, such as remote control of cars by hacking their IT infrastructure.

As vehicle providers gear up for the cyber-security challenges, they can leverage experiences from many other domains, but nevertheless have to face several unique challenges. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems in close relation to ISO 26262. Although functional safety and cyber-security engineering have a considerable overlap regarding many facets, such as analysis methods and system function thinking, the definition of system borders (item definition vs. trust boundaries) often differs largely. Therefore, appropriate systematic approaches to support the identification of trust boundaries and attack vectors for the safety- and cybersecurity-relates aspects of complex automotive systems are essential. In the course of this paper, we analyze a method to identify attack vectors on complex systems via signal interfaces. We focus on a central development artifact of the ISO 26262 functional safety development process, the hardware-software interface (HSI), and propose an extension for the HSI to support the cyber-security engineering process.
Original languageEnglish
Title of host publication23rd European Conference on Systems, Software and Services Process Improvement, EuroSPI 2016
PublisherSpringer International Publishing AG
Number of pages159
Publication statusPublished - 2016
Event23rd European Conference on Systems, Software and Services Process Improvement: EuroSPI 2016 - Graz, Austria
Duration: 14 Sept 201616 Sept 2016


Conference23rd European Conference on Systems, Software and Services Process Improvement

Fields of Expertise

  • Information, Communication & Computing
  • Mobility & Production

Cite this