LDRA, the leader in standards compliance, automated software verification, software code analysis, and test tools, has announced support within the LDRA tool suite for SAE International’s Surface Vehicle Recommended Practice J3061. The tool suite now provides an ISO 26262–compliant cybersecurity development process for critical automotive applications that must be secure to ensure safety, including advanced driver assistance systems (ADAS), autonomous vehicles, infotainment, steering and braking, adaptive cruise control, lane departure warning systems, and more.
Connected vehicles are increasingly becoming targets for cybersecurity attacks, making security a critical aspect of vehicle safety. While ISO 26262 addresses functional safety in the development of automotive systems, cybersecurity must also be designed and built into automotive applications throughout the development lifecycle to provide defence in depth. SAE J3061 provides an engineering process framework that integrates with other development processes for the comprehensive and systematic design of cybersecurity into vehicle systems. With the LDRA tool suite, developers can now map security goals to particular software assets and cross-reference those to appropriate safety goals and requirements.
“With the many complex electronic systems in every new automobile—often mixed and matched from different tiered suppliers—carmakers have an increasingly difficult challenge securing vehicles from myriad cyberattack vectors,” said Steve Hoffenberg, industry analyst and director, VDC Research. “Vehicle electronics now must be designed from the ground up with cybersecurity as a core principle, including the ability to develop and test software in a rigorous manner for safety and security. The framework laid out by SAE J3061 is a significant step in helping automotive developers along that path.”
“We continue to demonstrate our commitment and leadership in the areas of cybersecurity and functional safety in life-critical systems such as automotive applications,” said Ian Hennell, operations director, LDRA. “By integrating the process framework of SAE J3061 into our tool suite, we enable automotive suppliers and OEMs to mitigate risk and increase their confidence that their software is safe and secure by construction.”
The LDRA tool suite supports the following J3061 processes and requirements related to ISO 26262, among others, for automotive applications:
- SAE J3061 section 8.6.2: Methods for verification of the architectural design accomplished through control flow and data flow analysis. LDRA static analysis tools provide a view into the hierarchical structure of software components, cohesion within the components, coupling among the software components, and data and control flow analysis for ASIL A through ASIL D.
- SAE J3061 section 8.6.5: Software unit design to ensure the objective of specifying software units in accordance with software architectural design. The LDRA tool suite supports the use of coding guidelines such as MISRA, CERT, and CWE for more secure, reliable, and maintainable code, identifying coding errors and security vulnerabilities so that they can be addressed immediately. The tool suite’s static analysis capabilities ensure that the architectural design and unit implementation principles required by ISO 26262-6:2011 can be checked automatically.
- SAE J3061 Section 8.6.6: Code reviews throughout software design and implementation. The LDRA tool suite automates the code review process to increase efficiency and reduce opportunity for human error in comparison to peer code reviews. Static analysis can identify vulnerabilities in code that may meet the syntactic requirements of the language while still containing unpredictable or undefined behaviours.
- SAE J3061 Section 8.6.7: Software unit testing and SAE J3061 Section 8.6.8: Software integration testing. Safety-related units must be run on the target and the test results must comply with the safety and security requirements. The LDRA tool suite supports testing on both development and target platforms using the same test cases, and also supports robustness testing, which is complementary to fuzz testing (recommended by J3061). Boundary value analysis, conditional value analysis, error guessing, and error seeding tests are supported.
- SAE J3061 Section 8.6.9: Verification/validation of software cybersecurity requirements. During implementation, the LDRA tool suite conducts cybersecurity tests covering all software cybersecurity requirements to verify that the actual results match the requirement results. The tool suite’s bidirectional traceability mechanism ensures that these requirements are fulfilled. LDRA tools have been certified by TÜV SÜD and TÜV Saar in safety-critical environments under ISO 26262.
The LDRA tool suite for Automotive with support for SAE J3061 is available now. An in-depth white paper on Applying SAE J3061 to ISO 26262 processes with the LDRA tool suite is available for download at www.ldra.com/SAEJ3061.