Cybersecurity in the Context of Fail-Operational Systems 2024-01-2808
The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy.
In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.
But the connectivity is accompanied by potential cyber security risks, eventually compromising a vehicles safety. Therefore, mitigating such risks by appropriate security measures is mandatory.
Unfortunately, the combination of functional safety and cyber security requirements aiming on the same target often contains a considerable potential for conflict, as they may be contradicting.
Especially in Fail-Operational systems, where system availability is a major safety goal, matching of both fields is quite a challenge. This paper depicts contradictions, raises related open question, offers possible answers and tries to encourage an industry-wide discussion of the stakeholders in the related fields.
