Functional Safety and Security process alignment
Intel Confidential 1
Safety/Security Requirements Flow

The slide shows three flows side by side; the numbers are the step numbers from the diagram.

Functional Safety Flow
1. Definition of concept
2. Safety scope and definition
3. Hazard Analysis and Risk Assessment (HARA)
4. Safety requirements

Security Flow
5. Definition of security environment
6. Threat Analysis and Risk Assessment (TARA)
7. Security objectives
8. Security requirements

Unified Flow
9. Overall Hazard and Risk Analysis
10. Safety/Security requirements
11. Safety/Security requirements allocation
HARA and TARA Done Together

TARA (diagram): a model relating the entities Owner, Asset, Threat, Security Goal, Attacker, Malicious Action, Attack Potential and Point of Attack. The relation labels in the diagram are "has a value for", "has", "with regard to", "with risk of", "for execution of", "reduced by" and "performed at".

HARA (steps shown in the slide):
1. Define the safety item
2. Determine features to realize the safety item
3. Determine malfunctions of functions
4. Determine operational scenarios
5. Identify possible hazards (effects)
6. Evaluate the ASIL and determine the safety goals
Mixed-Criticality Cluster
Graphics Fail-Safe Step By Step
1. Monitor parses configuration file for checking criteria
2. Cluster app requests Screen to display a symbol
3. Cluster app requests Monitor to check the rendered symbol
4. Monitor retrieves the framebuffer from Screen
5. Monitor performs checking according to criteria from (1)
6. Monitor notifies the cluster app of the checking results
7. Cluster app decides the course of action
Security Mechanism to Protect Graphics
1. Monitor parses configuration file for checking criteria (Was the file tampered with? Is the monitor trusted?)
2. Cluster app requests Screen to display a symbol (Does the application run in a trusted sandbox? Is the application trusted?)
3. Cluster app requests Monitor to check the rendered symbol
4. Monitor retrieves the framebuffer from Screen
5. Monitor performs checking according to criteria from (1)
6. Monitor notifies the cluster app of the checking results
7. Cluster app decides the course of action

Trust questions called out in the diagram: Does the application trust the message? Was the configuration file tampered with? Is the application trusted? Is the monitor trusted?
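The seven-step fail-safe flow above and the trust checks on the configuration file, as an added Python simulation that is not code from the deck: a hypothetical config format carrying an HMAC tag answers the "was the file tampered with?" question in step 1, a constructed 6x6 framebuffer and 3x3 glyph stand in for the Screen in steps 2 to 5, and the cluster app's decision is step 7. The key, the glyph, the file format and the "min_match" criterion are all assumptions.

```python
import hashlib
import hmac
import json
# Constructed demo key and 3x3 warning glyph ('#' = lit pixel); a real monitor gets its key from a protected store.
MONITOR_KEY = b"demo-monitor-key"
WARNING_GLYPH = ["#.#", ".#.", "#.#"]

def sign_config(config: dict) -> tuple:
    """Produce the config file bytes plus an HMAC tag (hypothetical file format)."""
    body = json.dumps(config, sort_keys=True).encode()
    return body, hmac.new(MONITOR_KEY, body, hashlib.sha256).hexdigest()

def parse_config(body: bytes, tag: str) -> dict:
    """Step 1: reject the file if the tag does not match (the 'was it tampered with?' check)."""
    expected = hmac.new(MONITOR_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("configuration file failed integrity check")
    return json.loads(body)

def render(fb: list, glyph: list, x: int, y: int) -> None:
    """Step 2: the Screen draws the glyph into the framebuffer (1 = lit pixel)."""
    for dy, row in enumerate(glyph):
        for dx, ch in enumerate(row):
            fb[y + dy][x + dx] = 1 if ch == "#" else 0

def check_symbol(fb: list, criteria: dict) -> dict:
    """Steps 4-6: compare the framebuffer region with the expected glyph from the criteria."""
    x, y, glyph = criteria["x"], criteria["y"], criteria["glyph"]
    cells = [(fb[y + dy][x + dx], ch == "#") for dy, row in enumerate(glyph) for dx, ch in enumerate(row)]
    ratio = sum(px == int(lit) for px, lit in cells) / len(cells)
    return {"ratio": ratio, "ok": ratio >= criteria["min_match"]}

def cluster_decision(result: dict) -> str:
    """Step 7: the cluster app picks its course of action from the monitor's verdict."""
    return "keep_symbol" if result["ok"] else "fallback_warning"

def run(tamper: bool = False, faulty_pixels: int = 0) -> str:
    """Whole flow; tamper loosens a criterion in the file, faulty_pixels simulates a rendering fault."""
    body, tag = sign_config({"warning": {"x": 1, "y": 1, "glyph": WARNING_GLYPH, "min_match": 1.0}})
    if tamper:
        body = body.replace(b'"min_match": 1.0', b'"min_match": 0.0')
    try:
        criteria = parse_config(body, tag)["warning"]
    except ValueError:
        return "config_rejected"
    fb = [[0] * 6 for _ in range(6)]
    render(fb, WARNING_GLYPH, criteria["x"], criteria["y"])
    for i in range(faulty_pixels):  # corrupt pixels along the glyph's top row
        fb[criteria["y"]][criteria["x"] + i] ^= 1
    return cluster_decision(check_symbol(fb, criteria))
```

A tampered file is rejected before any criterion is applied, so a loosened threshold cannot silently turn a faulty rendering into a pass.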