Towards Efficiently Checking Compliance Against Automotive Security and Safety Standards

The growing connectivity of the systems that we rely on e.g. transportation vehicles is pushing towards the introduction of new standards aimed at providing a baseline to address cybersecurity besides safety. If the interplay of the two normative spaces is not mastered, compliance management might become more time consuming and costly, preventing engineers from dedicating their energies to system engineering. In this paper, we build on top of previous work aimed at increasing efficiency and confidence in compliance management. More specifically, we contribute to building a terminological framework needed to enable the systematization of commonalities and variabilities within ISO 26262 and SAE J3061. Then, we focus our attention on the requirements for software design and implementation and we use defeasible logic to prove compliance. Based on the compliance checking results, we reveal reuse opportunities. Finally, we draw our conclusions and sketch future research directions.