
SAFety and secURity by design for interconnected mixed-critical cyber-physical systems

Strategies, methodologies and tools to make embedded systems safer

An EU initiative has addressed the need to better detect, prevent and protect mixed-critical systems against vulnerabilities and attacks.

Embedded systems are much more complex nowadays than they were a few years ago. As a result, it’s becoming increasingly necessary to develop appropriate strategies during the design phase, so that aspects such as data integrity, timing and temperature are less critical to the system. What is more, the current approach to securing safety-critical embedded systems is generally to keep subsystems separate. However, this method is now being challenged by the technological evolution towards openness, increased communications and the use of multi-core architectures.

The EU-funded SAFURE project’s objective was to “design a cyber-physical system by implementing a methodology that ensures safety and security by construction,” says project coordinator Klaus-Michael Koch. “This methodology is enabled by a framework developed to extend system capabilities so as to control the concurrent effect of security threats on system behaviour.” With this in mind, the project set out to allow European suppliers of safety-critical embedded products to develop a more cost- and energy-aware solution.

Project partners implemented a holistic approach towards enabling the safety and security of embedded dependable systems to detect and prevent potential attacks. By doing so, they “empower developers and designers with analysis methods, development tools and execution capabilities that jointly address security and safety issues,” notes Koch. The partners also laid the foundations for the development of SAFURE-compliant mixed-critical embedded products.

Framework to detect, prevent and protect against security threats

“One of the major stepping stones in this direction is to keep critical subsystems within their safety and security boundaries without impairing performance,” he explains. The SAFURE team created a framework that is able to monitor potential attacks against system integrity from time, energy, temperature and data threats. It extends system capabilities to preserve system integrity.

This is achieved by seamlessly integrating security requirements into safety systems in a way that has never been done before. These extensions are applicable from the design and development stages through to application deployment and execution on multi-core chips and high-performance distributed systems. The framework is reinforced by a methodology, a set of guidelines to assist designers and developers in addressing security in a safety setting. Team members developed this methodology to support the joint design of safety and security in embedded systems. Proof of concept was attained through three industrial use cases in the telecommunications and automotive sectors. At the same time, they created specifications for the design of SAFURE-compliant products.

Generating multiple benefits

SAFURE will assist European suppliers of safety-critical embedded products in developing more cost-effective and energy-efficient solutions. Its system reduces total cost of ownership by lowering the high engineering expenses associated with the complexity of testing, validation and (re)certification. The project enhances mixed-criticality and reconfiguration capabilities (online and offline) while keeping security in mind. In addition, it improves performance and resource usage on complex systems with safety and security constraints.

To achieve real exploitation and market impact, the consortium has worked diligently to improve the technology. “One of the most important accomplishments of SAFURE is its significant contribution to standards and the extension of current standards,” Koch concludes. “The automotive use cases are convincing and clearly linked to real business requirements.” To realise such outcomes, the project pushed the limits of current approaches to the safety and security of mixed-critical systems.