I started a new job and two important aspects of my responsibilities are safety and security. To be more specific, high-level SIL 3 or ASIL-D in combination with hardware security measures ("Trusted Platform") are either highly desired or downright required. My question to the community is: how common are these requirements, and how much money are manufacturers and end customers willing to spend on this subject? Is it more expensive to have hardware-based security in every device, or to take the risk of being hacked? Today, most lower-cost devices are still using software security, but the chances of being hacked are so much higher. It is a dilemma: if we enter the market with great security options, our products might be too expensive; if the products get hacked, the company could go bankrupt. In regard to safety, how much redundancy is enough? Your opinion?

Rob
> SIL 3 or ASIL-D

Never heard of that.

> In regards to safety, how much redundancy is enough?

Depends on your device and application. You did not tell us anything about it. I would recommend letting experienced testers find and document all weak points (in source code, schematics and process documentation, as well as by doing a lot of tests). Compare that with the requirements and calculate how much (money, reputation) an issue may cost. Then decide together with your insurer whether the risk is acceptable or not.
Rob T. wrote:
> I started a new job and two important aspects of my responsibilities are
> safety and security. To be more specific, high level SIL 3 or ASIL-D in
> combination with hardware security measures "Trusted Platform" are
> either highly desired or down right required

I hope you are not the only one at your employer, and that you have the support of a trained team.

Rob T. wrote:
> how much money are manufacturers and end customers willing to spent on
> this subject?

The end customer expects that it works reliably and safely at no extra cost.

Rob T. wrote:
> SIL 3 or ASIL-D

SIL 3 and ASIL-D are safety levels. SIL 3 belongs to (possibly self-driving) machines; ASIL-D is the highest automotive safety level (ABS/ESP, electrical steering or autonomous driving). Some general rules for engine control units (gasoline/diesel) can be found here (there you deal with ASIL-B for the risk of unintended acceleration, which can be handled by the driver braking; for ASIL-D risks you will need more effort):

https://web.archive.org/web/20160804054533/https://www.iav.com/sites/default/files/attachments/seite//ak-egas-v6-0-en-150922.pdf

Security (hacking) is not covered by these levels.

stay happy
Rob T. wrote:
> My question to the community is how common are these requirements

They are required in a lot of B2B products (factory equipment, chemical industry, rockets, military, OEM for automotive such as ABS or ESP).

> and
> how much money are manufacturers and end customers willing to spent on
> this subject?

Those who need it are willing to spend.

> Is it more expensive to have hardware based security in every device or
> taking the risk of being hacked

For a B2B customer it is more expensive to have a malfunction. For a B2C customer it is considered irrelevant. He will buy the cheapest.