XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems

Abstract

The integration of connected and autonomous technologies in safety-critical and cyber-physical systems offers great potential in the vital application domains of transportation, manufacturing and aerospace. These technological advancements are necessary to meet the increasing demand for intelligent services, as they open doors to new business models by analysing and sharing the generated data. However, where this sharing of mix-critical data and broader connectivity brings opportunities, it simultaneously presents serious cybersecurity and safety risks due to the cyber-physical nature of these systems. Hence, delivering these intelligent services securely, safely, and reliably to its consumers is a complex engineering and design problem. One of the ways to approach this engineering problem is to consider both system functional and non-functional properties (safety, security, reliability) and systematically integrate them across system design and operational life cycle. The XANDAR project investigates this approach and aims to develop holistic software design methods and architectures for safety-critical and cyber-physical systems that guarantee functional and non-functional properties “byconstruction”. This paper focuses on the non-functional aspects of the project and discusses the preliminary work. by presenting the core cybersecurity principles and uses them as a baseline to propose a holistic cybersecurity engineering process. The tasks of the proposed cybersecurity engineering process are also map onto relevant clauses of ISO 21434. In future, proposed work will be integrated into the XANDAR software toolchain and validated for an avionics situation perception pilot assistance and automotive autonomous driving use cases.