Abstract
We discuss an approach to modifying a safety assurance case to take into account malicious intent. We show how to analyze an existing assurance case to reveal additions and modifications that need to be made in order to deal with the effects of malicious intent aimed at safety critical applications, and where to make them.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Bandur, V., Lawford, M., Mosser, S., Paige, R.F., Pantelic, V., Wassyng, A. (2023). Using Assurance Cases to Prevent Malicious Behaviour from Targeting Safety Vulnerabilities. In: Guiochet, J., Tonetta, S., Schoitsch, E., Roy, M., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops. SAFECOMP 2023. Lecture Notes in Computer Science, vol 14182. Springer, Cham. https://doi.org/10.1007/978-3-031-40953-0_1
DOI: https://doi.org/10.1007/978-3-031-40953-0_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-40952-3
Online ISBN: 978-3-031-40953-0
eBook Packages: Computer Science (R0)