Czerny, B., "System Security and System Safety Engineering: Differences and Similarities and a System Security Engineering Process Based on the ISO 26262 Process Framework," SAE Int. J. Passeng. Cars – Electron. Electr. Syst. 6(1):349-359, 2013, doi:10.4271/2013-01-1419.
Today's vehicles contain a number of safety-critical systems designed to help improve overall vehicle safety. Such systems may control vital vehicle functions such as steering, braking and/or propulsion independently of the driver. In today's vehicles, much emphasis has been placed on helping ensure that these safety-critical vehicle systems operate as intended. Applying rigorous system safety engineering principles in developing these safety-critical automotive systems helps ensure that they operate as desired and expected. Less emphasis has been placed to-date on helping ensure cybersecurity of cyber-physical automotive systems. However, this is changing as both the world and the automotive industry become more aware of the potential ramifications of cyber-attacks on vehicles.As with system safety, applying a rigorous system security engineering process to the development of cyber-physical automotive systems is beneficial and will help reduce the likelihood of successful attacks on vehicles. System security and system safety interact with one another and cannot be considered in isolation. However, there are also differences between system security and system safety that require unique engineering activities to be performed to address these unique aspects. This paper describes some of the differences and similarities between system security and system safety, between safety-critical systems and security-critical systems, and between system safety and system security engineering, and presents a system security engineering process for applying to cyber-physical automotive systems that is based on the ISO 26262 process framework.