[SystemSafety] UK principles for security of driverless cars [No Classification]

Barnes, Robert A (NNPPI) Robert.Barnes2 at rolls-royce.com
Tue Aug 8 19:06:28 CEST 2017


This message has been marked as No Classification by Barnes, Robert A (NNPPI)
Hi Martyn

The interplay between safety and security isn't apparent in the principles.  My experience of discussing security with safety engineers (and engineers in safety critical work) is that it's concerned with authorisation and confidentiality, and is something separate to safety ie. "Outside of the sphere of things I have to be worried about right now."  I am concerned that, when discussing vehicle security, we are in danger of falling into the same trap.  When considering vehicle security, many would think of locks, alarms and immobilisers - these are all solved problems.  What we should be worried about is someone remotely abusing the internet-connected entertainment system to interfere with the safe operation of the vehicle, and that doesn't come across in the principles.

Regards,
-Rob


The following attachments and classifications have been attached:
From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Martyn Thomas
Sent: 08 August 2017 16:36
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: [SystemSafety] UK principles for security of driverless cars


https://www.gov.uk/government/publications/principles-of-cyber-security-for-connected-and-automated-vehicles/the-key-principles-of-vehicle-cyber-security-for-connected-and-automated-vehicles

Views?

Martyn
The data contained in, or attached to, this e-mail, may contain confidential information. If you have received it in error you should notify the sender immediately by reply e-mail, delete the message from your system and contact +44 (0) 3301235850 (Security Operations Centre) if you need assistance. Please do not copy it for any purpose, or disclose its contents to any other person.

An e-mail response to this address may be subject to interception or monitoring for operational reasons or for lawful business practices.

(c) 2017 Rolls-Royce plc

Registered office: 62 Buckingham Gate, London SW1E 6AT Company number: 1003142. Registered in England.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20170808/b48e780c/attachment.html>


More information about the systemsafety mailing list