ABSTRACT

Many autonomous systems are safety-critical, e.g., autonomous cars, boats, or aerial vehicles. Autonomous systems rely on software and communications. Security vulnerabilities in software and communication give adversaries opportunities to attack and compromise both security and safety. Therefore, when analysing safety, security should be co-analysed. In this study, we explored three safety and security co-analysis methods: Systems-Theoretic Process Analysis (STPA) plus STPA-Security Analysis (STPA-Sec), Failure Mode, Vulnerabilities and Effect Analysis (FMVEA), and Combined Harm Assessment of Safety and Security for Information Systems (CHASSIS). The purpose is to compare the applicability, efficiency, and hazards identified by the different methods. An autonomous boat is used as the case study. Results of the study show that STPA plus STPA-Sec and CHASSIS can be more time-consuming to use than FMVEA. However, STPA plus STPA-Sec and CHASSIS can help analysts identify more hazards of autonomous systems than FMVEA. Results of the study reveal weaknesses of each method when analysing autonomous systems with different levels of autonomy. We therefore propose possible improvements and combinations of the methods.