XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems

Fahad Siddiqui; Rafiullah Khan; Kieran McLaughlin; Sakir Sezer; Leonard Masing; Tobias Dörr; Florian Schade; Jürgen Becker; Alexander Ahlbrecht; Wanja Zaeske; Umut Durak; Nico Adler; Andreas Sailer; Raphael Weber; Thomas Wilhelm; Geza Nemeth; Victor Morales; Paco Gomez; Georgios Keramidas; Christos P. Antonopoulos; Michail Mavropoulos; Vasilios Kelefouras; Christos Panagiotou; Dimitris Karadimas; Nikolaos Voros

doi:10.1109/VTC2022-Spring54318.2022.9860859

XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems

Fahad Siddiqui, Rafiullah Khan, Kieran McLaughlin, Sakir Sezer, Leonard Masing, Tobias Dörr, Florian Schade, Jürgen Becker, Alexander Ahlbrecht, Wanja Zaeske, Umut Durak, Nico Adler, Andreas Sailer, Raphael Weber, Thomas Wilhelm, Geza Nemeth, Victor Morales, Paco Gomez, Georgios Keramidas, Christos P. AntonopoulosMichail Mavropoulos, Vasilios Kelefouras, Christos Panagiotou, Dimitris Karadimas, Nikolaos Voros

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

48 Downloads (Pure)

Abstract

The integration of connected and autonomous technologies in safety-critical and cyber-physical systems offers great potential in the vital application domains of transportation, manufacturing and aerospace. These technological advancements are necessary to meet the increasing demand for intelligent services, as they open doors to new business models by analysing and sharing the generated data. However, where this sharing of mix-critical data and broader connectivity brings opportunities, it simultaneously presents serious cybersecurity and safety risks due to the cyber-physical nature of these systems. Hence, delivering these intelligent services securely, safely, and reliably to its consumers is a complex engineering and design problem. One of the ways to approach this engineering problem is to consider both system functional and non-functional properties (safety, security, reliability) and systematically integrate them across system design and operational life cycle. The XANDAR project investigates this approach and aims to develop holistic software design methods and architectures for safety-critical and cyber-physical systems that guarantee functional and non-functional properties “by-construction”. This paper focuses on the non-functional aspects of the project and discusses the preliminary work. by presenting the core cybersecurity principles and uses them as a baseline to propose a holistic cybersecurity engineering process. The tasks of the proposed cybersecurity engineering process are also map onto relevant clauses of ISO 21434. In future, proposed work will be integrated into the XANDAR software toolchain and validated for an avionics situation perception pilot assistance and automotive autonomous driving use cases.

Original language	English
Title of host publication	95th IEEE Vehicular Technology Conference
Publisher	Institute of Electrical and Electronics Engineers Inc.
Number of pages	5
ISBN (Electronic)	978-1-6654-8243-1
ISBN (Print)	978-1-6654-8244-8
DOIs	https://doi.org/10.1109/VTC2022-Spring54318.2022.9860859
Publication status	Published - 19 Jun 2022
Event	IEEE International Vehicular Technology Conference - Helsinki, Finland Duration: 19 Jun 2022 → 22 Jun 2022 Conference number: 95 https://events.vtsociety.org/vtc2022-spring/

Publication series

Name	Vehicular Technology Conference: Proceedings
Publisher	IEEE
ISSN (Electronic)	2577-2465

Conference

Conference	IEEE International Vehicular Technology Conference
Abbreviated title	VTC
Country/Territory	Finland
City	Helsinki
Period	19/06/2022 → 22/06/2022
Internet address	https://events.vtsociety.org/vtc2022-spring/

Bibliographical note

Funding Information:
ACKNOWLEDGMENT This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 957210.

Publisher Copyright:
© 2022 EDAA.

Keywords

Cybersecurity
Cyber-Physical Embedded System
Secure-by-design
ISO 21434
Risk assessment
Cyber Resilience
Runtime Monitoring
Safety-critical

ASJC Scopus subject areas

Computer Science(all)
Engineering(all)
Artificial Intelligence
Information Systems
Software
Aerospace Engineering
Automotive Engineering
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1109/VTC2022-Spring54318.2022.9860859Licence: Unspecified

2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring)
© 2022 IEEE. This work is made available online in accordance with the publisher’s policies. Please refer to any applicable terms of use of the publisher.
Accepted author manuscript, 903 KBLicence: Unspecified

1 Active

R6656ECS: X-by-Construction Design framework for Engineering Autonomous & Distributed Real-time Embedded Software Systems’ — ‘XANDAR
Sezer, S., Garousi, V. & McLaughlin, K.
02/12/2020 → …
Project: Research

2 Participation in conference
1 Invited or keynote talk at national or international conference

Cybersecurity Engineering of Safety-critical Embedded Systems
Fahad Siddiqui (Advisor)
17 Jan 2023
Activity: Talk or presentation types › Invited or keynote talk at national or international conference
IEEE International Conference on High-performance Embedded Architecture and Compilation
Fahad Siddiqui (Participant)
16 Jan 2023 → 18 Jan 2023
Activity: Participating in or organising an event types › Participation in conference
IEEE Vehicular Technology Conference
Fahad Manzoor Siddiqui (Participant)
19 Jun 2022 → 22 Jun 2022
Activity: Participating in or organising an event types › Participation in conference

Cite this

Siddiqui, F., Khan, R., McLaughlin, K., Sezer, S., Masing, L., Dörr, T., Schade, F., Becker, J., Ahlbrecht, A., Zaeske, W., Durak, U., Adler, N., Sailer, A., Weber, R., Wilhelm, T., Nemeth, G., Morales, V., Gomez, P., Keramidas, G., ... Voros, N. (2022). XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. In 95th IEEE Vehicular Technology Conference (Vehicular Technology Conference: Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/VTC2022-Spring54318.2022.9860859

Siddiqui, Fahad ; Khan, Rafiullah ; McLaughlin, Kieran ; Sezer, Sakir ; Masing, Leonard ; Dörr, Tobias ; Schade, Florian ; Becker, Jürgen ; Ahlbrecht, Alexander ; Zaeske, Wanja ; Durak, Umut ; Adler, Nico ; Sailer, Andreas ; Weber, Raphael ; Wilhelm, Thomas ; Nemeth, Geza ; Morales, Victor ; Gomez, Paco ; Keramidas, Georgios ; Antonopoulos, Christos P. ; Mavropoulos, Michail ; Kelefouras, Vasilios ; Panagiotou, Christos ; Karadimas, Dimitris ; Voros, Nikolaos. / XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. 95th IEEE Vehicular Technology Conference. Institute of Electrical and Electronics Engineers Inc., 2022. (Vehicular Technology Conference: Proceedings).

@inproceedings{97496b0991ad4c49bf699f61ec7c9ccf,

title = "XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems",

abstract = "The integration of connected and autonomous technologies in safety-critical and cyber-physical systems offers great potential in the vital application domains of transportation, manufacturing and aerospace. These technological advancements are necessary to meet the increasing demand for intelligent services, as they open doors to new business models by analysing and sharing the generated data. However, where this sharing of mix-critical data and broader connectivity brings opportunities, it simultaneously presents serious cybersecurity and safety risks due to the cyber-physical nature of these systems. Hence, delivering these intelligent services securely, safely, and reliably to its consumers is a complex engineering and design problem. One of the ways to approach this engineering problem is to consider both system functional and non-functional properties (safety, security, reliability) and systematically integrate them across system design and operational life cycle. The XANDAR project investigates this approach and aims to develop holistic software design methods and architectures for safety-critical and cyber-physical systems that guarantee functional and non-functional properties “by-construction”. This paper focuses on the non-functional aspects of the project and discusses the preliminary work. by presenting the core cybersecurity principles and uses them as a baseline to propose a holistic cybersecurity engineering process. The tasks of the proposed cybersecurity engineering process are also map onto relevant clauses of ISO 21434. In future, proposed work will be integrated into the XANDAR software toolchain and validated for an avionics situation perception pilot assistance and automotive autonomous driving use cases.",

keywords = "Cybersecurity, Cyber-Physical Embedded System, Secure-by-design, ISO 21434, Risk assessment, Cyber Resilience, Runtime Monitoring, Safety-critical",

author = "Fahad Siddiqui and Rafiullah Khan and Kieran McLaughlin and Sakir Sezer and Leonard Masing and Tobias D{\"o}rr and Florian Schade and J{\"u}rgen Becker and Alexander Ahlbrecht and Wanja Zaeske and Umut Durak and Nico Adler and Andreas Sailer and Raphael Weber and Thomas Wilhelm and Geza Nemeth and Victor Morales and Paco Gomez and Georgios Keramidas and Antonopoulos, {Christos P.} and Michail Mavropoulos and Vasilios Kelefouras and Christos Panagiotou and Dimitris Karadimas and Nikolaos Voros",

note = "Funding Information: ACKNOWLEDGMENT This project has received funding from the European Union{\textquoteright}s Horizon 2020 research and innovation programme under grant agreement No 957210. Publisher Copyright: {\textcopyright} 2022 EDAA.; IEEE International Vehicular Technology Conference , VTC ; Conference date: 19-06-2022 Through 22-06-2022",

year = "2022",

month = jun,

day = "19",

doi = "10.1109/VTC2022-Spring54318.2022.9860859",

language = "English",

isbn = "978-1-6654-8244-8",

series = "Vehicular Technology Conference: Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "95th IEEE Vehicular Technology Conference",

url = "https://events.vtsociety.org/vtc2022-spring/",

}

Siddiqui, F, Khan, R, McLaughlin, K , Sezer, S, Masing, L, Dörr, T, Schade, F, Becker, J, Ahlbrecht, A, Zaeske, W, Durak, U, Adler, N, Sailer, A, Weber, R, Wilhelm, T, Nemeth, G, Morales, V, Gomez, P, Keramidas, G, Antonopoulos, CP, Mavropoulos, M, Kelefouras, V, Panagiotou, C, Karadimas, D & Voros, N 2022, XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. in 95th IEEE Vehicular Technology Conference. Vehicular Technology Conference: Proceedings, Institute of Electrical and Electronics Engineers Inc., IEEE International Vehicular Technology Conference , Helsinki, Finland, 19/06/2022. https://doi.org/10.1109/VTC2022-Spring54318.2022.9860859

XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. / Siddiqui, Fahad; Khan, Rafiullah; McLaughlin, Kieran ; Sezer, Sakir; Masing, Leonard; Dörr, Tobias; Schade, Florian; Becker, Jürgen; Ahlbrecht, Alexander; Zaeske, Wanja; Durak, Umut; Adler, Nico; Sailer, Andreas; Weber, Raphael; Wilhelm, Thomas; Nemeth, Geza; Morales, Victor; Gomez, Paco; Keramidas, Georgios; Antonopoulos, Christos P.; Mavropoulos, Michail; Kelefouras, Vasilios; Panagiotou, Christos; Karadimas, Dimitris; Voros, Nikolaos.

95th IEEE Vehicular Technology Conference. Institute of Electrical and Electronics Engineers Inc., 2022. (Vehicular Technology Conference: Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems

AU - Siddiqui, Fahad

AU - Khan, Rafiullah

AU - McLaughlin, Kieran

AU - Sezer, Sakir

AU - Masing, Leonard

AU - Dörr, Tobias

AU - Schade, Florian

AU - Becker, Jürgen

AU - Ahlbrecht, Alexander

AU - Zaeske, Wanja

AU - Durak, Umut

AU - Adler, Nico

AU - Sailer, Andreas

AU - Weber, Raphael

AU - Wilhelm, Thomas

AU - Nemeth, Geza

AU - Morales, Victor

AU - Gomez, Paco

AU - Keramidas, Georgios

AU - Antonopoulos, Christos P.

AU - Mavropoulos, Michail

AU - Kelefouras, Vasilios

AU - Panagiotou, Christos

AU - Karadimas, Dimitris

AU - Voros, Nikolaos

N1 - Conference code: 95

PY - 2022/6/19

Y1 - 2022/6/19

N2 - The integration of connected and autonomous technologies in safety-critical and cyber-physical systems offers great potential in the vital application domains of transportation, manufacturing and aerospace. These technological advancements are necessary to meet the increasing demand for intelligent services, as they open doors to new business models by analysing and sharing the generated data. However, where this sharing of mix-critical data and broader connectivity brings opportunities, it simultaneously presents serious cybersecurity and safety risks due to the cyber-physical nature of these systems. Hence, delivering these intelligent services securely, safely, and reliably to its consumers is a complex engineering and design problem. One of the ways to approach this engineering problem is to consider both system functional and non-functional properties (safety, security, reliability) and systematically integrate them across system design and operational life cycle. The XANDAR project investigates this approach and aims to develop holistic software design methods and architectures for safety-critical and cyber-physical systems that guarantee functional and non-functional properties “by-construction”. This paper focuses on the non-functional aspects of the project and discusses the preliminary work. by presenting the core cybersecurity principles and uses them as a baseline to propose a holistic cybersecurity engineering process. The tasks of the proposed cybersecurity engineering process are also map onto relevant clauses of ISO 21434. In future, proposed work will be integrated into the XANDAR software toolchain and validated for an avionics situation perception pilot assistance and automotive autonomous driving use cases.

AB - The integration of connected and autonomous technologies in safety-critical and cyber-physical systems offers great potential in the vital application domains of transportation, manufacturing and aerospace. These technological advancements are necessary to meet the increasing demand for intelligent services, as they open doors to new business models by analysing and sharing the generated data. However, where this sharing of mix-critical data and broader connectivity brings opportunities, it simultaneously presents serious cybersecurity and safety risks due to the cyber-physical nature of these systems. Hence, delivering these intelligent services securely, safely, and reliably to its consumers is a complex engineering and design problem. One of the ways to approach this engineering problem is to consider both system functional and non-functional properties (safety, security, reliability) and systematically integrate them across system design and operational life cycle. The XANDAR project investigates this approach and aims to develop holistic software design methods and architectures for safety-critical and cyber-physical systems that guarantee functional and non-functional properties “by-construction”. This paper focuses on the non-functional aspects of the project and discusses the preliminary work. by presenting the core cybersecurity principles and uses them as a baseline to propose a holistic cybersecurity engineering process. The tasks of the proposed cybersecurity engineering process are also map onto relevant clauses of ISO 21434. In future, proposed work will be integrated into the XANDAR software toolchain and validated for an avionics situation perception pilot assistance and automotive autonomous driving use cases.

KW - Cybersecurity

KW - Cyber-Physical Embedded System

KW - Secure-by-design

KW - ISO 21434

KW - Risk assessment

KW - Cyber Resilience

KW - Runtime Monitoring

KW - Safety-critical

U2 - 10.1109/VTC2022-Spring54318.2022.9860859

DO - 10.1109/VTC2022-Spring54318.2022.9860859

M3 - Conference contribution

SN - 978-1-6654-8244-8

T3 - Vehicular Technology Conference: Proceedings

BT - 95th IEEE Vehicular Technology Conference

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - IEEE International Vehicular Technology Conference

Y2 - 19 June 2022 through 22 June 2022

ER -

Siddiqui F, Khan R, McLaughlin K , Sezer S, Masing L, Dörr T et al. XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. In 95th IEEE Vehicular Technology Conference. Institute of Electrical and Electronics Engineers Inc. 2022. (Vehicular Technology Conference: Proceedings). https://doi.org/10.1109/VTC2022-Spring54318.2022.9860859

XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Fingerprint

Projects

R6656ECS: X-by-Construction Design framework for Engineering Autonomous & Distributed Real-time Embedded Software Systems’ — ‘XANDAR

Activities

Cybersecurity Engineering of Safety-critical Embedded Systems

IEEE International Conference on High-performance Embedded Architecture and Compilation

IEEE Vehicular Technology Conference

Cite this