Threat Analysis Framework for Safety Architectures in SCDL.

Cybersecurity threats have become a reality for safety critical systems such as automobiles, railways and avionics witnessing cybersecurity incidents and research reports from white hackers. Threat analysis plays an important role to identify potential threats in early stages of the system development and it is a common understanding that the threat analysis for safety critical systems need to assess an effect caused by threats against safety. In this paper, we propose a threat analysis framework on safety concepts required by ISO 26262 in an architecture description language SCDL (Safety Concept Description Language) specifically designed for safety concepts modeling in ISO 26262 and demonstrate the effectiveness of our framework on a case study. Our research result shows the potential usage of SCDL for threat analysis and effect analysis between functional safety and cybersecurity.