{"id":5113,"date":"2021-05-11T09:10:03","date_gmt":"2021-05-11T07:10:03","guid":{"rendered":"https:\/\/lorit-consultancy.com\/en\/?p=5113"},"modified":"2022-09-26T15:49:00","modified_gmt":"2022-09-26T13:49:00","slug":"handling-cybersecurity-with-sotif-a-question-of-luck","status":"publish","type":"post","link":"https:\/\/lorit-consultancy.com\/en\/2021\/05\/handling-cybersecurity-with-sotif-a-question-of-luck\/","title":{"rendered":"Handling cybersecurity with SOTIF \u2013 A question of luck?"},"content":{"rendered":"\n<p>Nowadays almost everything is interconnected. The so-called \u201c<strong>Internet of Things<\/strong>\u201d or IoT for short. Your fridge sends a shopping order to the supermarket when it is empty, your car drives itself while you are watching your goldfish via webcam \u2013 communication is everywhere.<\/p>\n\n\n\n<p>Of course, this encourages criminal elements who want to interact and benefit from those connections. Highly sophisticated, well-trained individuals, hacking on their computers right into your private sphere. 
No one knows them; they live on the dark web, and you cannot do anything against them.<\/p>\n\n\n\n<p>The only good thing is that most developers know exactly how to deal with them \u2026 don\u2019t they?<\/p>\n\n\n\n<p>I assume that this is the general understanding of cybersecurity. And in my humble opinion, this is a misunderstanding.<\/p>\n\n\n\n<p>First, a short reminder: <strong>Security<\/strong> is freedom from, or defined resilience against, potential harm (or other unwanted coercive change) caused by others. 
And <strong>Cybersecurity<\/strong> is the protection of computer systems \u2026<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p><strong><em>To get a better overview, these are the definitions from different standards:<\/em><\/strong><\/p>\n\n\n\n<p><strong>General (NIST &#8211; Framework for Improving Critical Infrastructure Cybersecurity):<\/strong><br><strong>Cybersecurity:<\/strong> The process of protecting information by preventing, detecting, and responding to attacks.<\/p>\n\n\n\n<p><strong>Medical Products (<a href=\"https:\/\/lorit-consultancy.com\/en\/standards\/medical-devices\/aamitir57\/\" target=\"_blank\" rel=\"noreferrer noopener\">AAMI TIR57<\/a>):<\/strong><br><strong>Data and systems security:<\/strong> Operational state of a medical device in which information assets (data and systems) are reasonably protected from degradation of confidentiality, integrity, and availability.<\/p>\n\n\n\n<p><strong>Automotive (<a href=\"https:\/\/lorit-consultancy.com\/en\/standards\/automotive\/isosae21434\/\" target=\"_blank\" rel=\"noreferrer noopener\">ISO\/SAE 21434<\/a>):<\/strong><br><strong>Cybersecurity:<\/strong> Condition in which assets (something for which the compromise of its cybersecurity properties can lead to damage to an item\u2019s stakeholder) are sufficiently protected against threat scenarios to electrical or electronic components of road vehicles and their functions.<\/p>\n\n\n\n<p><strong>Industry (IEC 62443-1-1):<\/strong><br><strong>Cybersecurity:<\/strong> Actions required to preclude unauthorized use of, denial of service to, modifications to, disclosure of, loss of revenue from, or destruction of critical systems or informational assets.<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Misunderstanding #1: Form of attack<\/strong><\/h2>\n\n\n\n<p>As can be seen in the 
definition of cybersecurity, it is the protection of the system. Nowhere is it defined what the system is to be protected against. And that is the crux \u2013 it is just defined as <strong>protection against the outside world.<\/strong><\/p>\n\n\n\n<p>Therefore, the attacks can happen in any form that the system can perceive. For example, a self-driving car works with cameras and monitors the street ahead. If there is a 3D painting revealing or \u2013 even worse \u2013 obfuscating an obstacle, the car will react \u2013 or, in the case of obfuscation, not react. In Austria, artificial cops have been placed alongside the road to encourage drivers to reduce their speed. A self-driving car can identify this cop as a pedestrian intending to cross the street and hit the brakes \u2026<\/p>\n\n\n\n<p>This leads to the next misunderstanding:<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Misunderstanding #2: Only criminal organizations are hackers<\/strong><\/h2>\n\n\n\n<p>A street artist is no criminal mastermind, nor are the Austrian police. And this is all well explained in the standards for cybersecurity (<a href=\"https:\/\/lorit-consultancy.com\/en\/standards\/automotive\/isosae21434\/\" target=\"_blank\" rel=\"noreferrer noopener\">ISO\/SAE 21434 \u201cRoad vehicles \u2013 Cybersecurity Engineering\u201d<\/a>) in the <strong>threat and risk analysis (TARA)<\/strong> at the beginning of every project with the question \u201c<strong>Who might corrupt or manipulate your system?<\/strong>\u201d And the different options are of course criminal elements, terror organizations, or even hostile countries \u2013 but also people fiddling around with your system, destabilizing it intentionally or even unintentionally.<\/p>\n\n\n\n<p>One good example of intentional fiddling and manipulation is the Tesla orange. 
With this \u201chack\u201d the system of the autopilot was and still is corrupted \u2026 even without any software or years of studying electronics.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>The main problem<\/strong><\/h2>\n\n\n\n<p>When defining your intended functionality, you would need to be a clairvoyant to foresee all potential hacks. The creativity to fiddle is overwhelming. And most of the time the reasons for it are \u201cI do not like that feature, how can I get a workaround?\u201d and \u201cAm I able to manipulate it and start something funny or cause havoc?\u201d.<\/p>\n\n\n\n<p>First, the bad news: <strong>you will never be able to foresee all of these intrusions or misuses<\/strong>.<\/p>\n\n\n\n<p>Second, the good news: <strong>nobody expects you to<\/strong>. What is expected is that you think of the actual threats (in your TARA at the beginning of your project), monitor your product during its lifetime, and react to new threats.<\/p>\n\n\n\n<p>And it is essential that the TARA be performed by people with different backgrounds and experience. <a href=\"https:\/\/lorit-consultancy.com\/en\/standards\/automotive\/isodis21448\/\" target=\"_blank\" rel=\"noreferrer noopener\">ISO\/DIS 21448 (Road vehicles \u2014 Safety of the intended functionality \/ SOTIF)<\/a> describes the goal very well: to reduce the unknown hazards and turn them into known hazards. How can your intended functions be influenced or changed &#8211; unintentionally, by misuse, or on purpose?<\/p>\n\n\n\n<p>So, the bottom line is: Know your system and its intended functionality.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nowadays almost everything is interconnected. The so-called \u201cInternet of Things\u201d or IoT for short. Your fridge sends a shopping order to the supermarket when it is empty, your car drives itself while you are watching your goldfish via webcam \u2013 communication is everywhere. 
Of course, this encourages criminal elements who want to interact and benefit [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":5114,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[],"class_list":["post-5113","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"acf":[],"_links":{"self":[{"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/posts\/5113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/comments?post=5113"}],"version-history":[{"count":7,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/posts\/5113\/revisions"}],"predecessor-version":[{"id":5124,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/posts\/5113\/revisions\/5124"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/media\/5114"}],"wp:attachment":[{"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/media?parent=5113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/categories?post=5113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lorit-consultancy.com\/en\/wp-json\/wp\/v2\/tags?post=5113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}