HATARA: A Novel Approach by Fusion of HARA and TARA For System Safety and Security Analysis

The manuscript presents a thorough investigation into the HATARA framework, an innovative fusion of Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA), aimed at concurrently addressing the domains of safety and cybersecurity within automotive systems. This integrated approach is deemed imperative amidst the growing complexity and connectivity of contemporary vehicles, especially those that are autonomous and connected.

Volume 9, Issue 2, February – 2024 International Journal of Innovative Science and Research Technology

ISSN No:-2456-2165

HATARA: A Novel Approach by Fusion of HARA and TARA for System Safety and Security Analysis

Jherrod Thomas
Certified Functional Safety Expert, Tomco Service Group LLC
The Lion of Functional Safety™

Abstract:- The manuscript presents a thorough investigation into the HATARA framework, an innovative fusion of Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA), aimed at concurrently addressing the domains of safety and cybersecurity within automotive systems. This integrated approach is deemed imperative amidst the growing complexity and connectivity of contemporary vehicles, especially those that are autonomous and connected. The study elaborates on the procedural synergies and methodological convergences between the disciplines of safety and security, enabled through HATARA, to promote a comprehensive analytical paradigm. Through a series of illustrative case studies, the utility of this framework in improving risk mitigation strategies, optimizing development processes, and enhancing the resilience of automotive systems against a variety of threats is substantiated. Additionally, the paper recognizes the challenges inherent in deploying such an all-encompassing analysis framework, including the need for specialized knowledge and the complexities associated with harmonizing diverse analytical methodologies. The significance of this paper lies in its in-depth exposition of HATARA, providing a systematic methodology for the integration of safety and security risk assessments, thereby fulfilling a vital requirement for thorough, unified analyses amidst the advancement of automotive technologies. This research not only enriches the scholarly dialogue on automotive safety and security but also offers practical insights for industry practitioners, aimed at enhancing the reliability of future automotive innovations.

Keywords:- ISO 26262, ISO 21434, HARA, TARA, HATARA, Automotive Safety, Risk Assessment, Technological Integration, Hazard Analysis, Automotive Industry Standards

I. INTRODUCTION

In the automotive sector, a profound shift is underway, underscored by technology’s swift integration and progression within vehicular frameworks. This transition has engendered a heightened complexity in automotive architectures, chiefly due to the advent of connectivity and advanced functional features. While these developments augment the end-user experience, they concurrently pose novel challenges in the domain of system development [1], [2].

A pivotal facet of these emerging challenges is the simultaneous consideration of multiple quality attributes, explicitly focusing on functional safety and cybersecurity. In the automotive context, functional safety denotes the vehicle’s ability to maintain safe operation even in the event of system malfunctions [3]. Historically, this aspect has been integral to automotive design, underpinning the dependability and safety of vehicles [4].

Concurrently, cybersecurity has risen to prominence as an attribute of equal significance in the era of interconnected vehicles. Automotive cybersecurity transcends traditional notions of data protection, encompassing the preservation of vehicular operational integrity and passenger safety [5]. As vehicular systems evolve towards greater connectivity and autonomy, the potential cyber threats increase, elevating the importance of cybersecurity in vehicular safety.

Integrating safety and security within automotive systems is not merely a juxtaposition of two distinct attributes but an intricate understanding and management of their mutual dependencies. Approaching these domains in isolation may result in scenarios where mitigating risk in one domain inadvertently heightens or neglects risks in the other [1]. Hence, an integrative strategy that contemplates safety and security in engineering and developing automotive systems is imperative [6].

IJISRT24FEB335 www.ijisrt.com 381


This necessity for an integrated approach is particularly salient in the context of autonomous and semi-autonomous vehicles. These vehicles are reliant on sophisticated networks of sensors, control mechanisms, and data processing units, necessitating their reliable and secure operation to safeguard both functional safety and cybersecurity [3], [7].

The evolving dynamics of automotive systems, marked by increased connectivity and automation, call for a fundamental alteration in system development paradigms. This alteration should be oriented towards a comprehensive approach, prioritizing the concurrent and intertwined demands of functional safety and cybersecurity to ensure the robustness and resilience of vehicles in the contemporary, interconnected, and technologically advanced landscape [5].

A. Motivation and Objective:-
The impetus for amalgamating Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA) emanates from the progressively converging realms of safety and security in contemporary automotive systems. The distinction between safety and security risks is progressively diminishing within autonomous and connected vehicles. Safety risks, traditionally linked with vehicular system malfunctions, are now intricately connected with security risks, originating from the potentiality of malevolent cyber incursions [3].

This amalgamation’s principal aim is to formulate an all-encompassing methodology, addressing both safety and security risks under a singular framework. This unified approach is imperative for augmenting the robustness and resilience of automotive systems. As vehicles increasingly depend on electronic and software components and interface with external networks, the likelihood of safety hazards emerging from cybersecurity vulnerabilities intensifies [5]. Consequently, a methodology that concurrently considers both safety and security is indispensable.

An additional incentive for integrating HARA and TARA lies in the evolving spectrum of threats within the automotive sector. The progression of connected and autonomous vehicles heralds the emergence of unforeseen novel threats. These threats jeopardize vehicular data security and may culminate in physical detriment, underscoring the necessity of integrating safety and security evaluations [1], [8].

Moreover, this objective encompasses refining the development process by presenting a holistic perspective of the risk landscape. This comprehensive outlook facilitates the identification of intersecting areas between safety and security, thereby preventing redundant efforts and ensuring that mitigation strategies are harmoniously aligned [1].

In essence, the fusion of HARA and TARA is propelled by the necessity to adapt to the shifting risk milieu in the automotive industry, where the boundaries between safety and security are increasingly overlapping. The overarching ambition is to guarantee that modern vehicles are functionally safe and robustly fortified against the expanding array of cyber threats.

B. Significance of Comprehensive Safety and Security Analysis:-
The paramount importance of a thorough safety and security analysis in contemporary automotive systems is indisputable. An all-encompassing strategy is essential, as separate examinations of safety or security fail to adequately address the array of risks present in sophisticated, interlinked systems. The interrelationship between safety and security implies that a deficiency in one domain can substantially affect the other [1].

The convergence of operational and informational technologies in vehicular systems has ushered in novel vulnerabilities and threats. For example, connected vehicles are prone to cyber-attacks, which could jeopardize data integrity and the vehicle’s physical functioning. This reality necessitates the inclusion of cybersecurity threats in the comprehensive safety risk assessment of vehicles [5].

Furthermore, as vehicles increasingly rely on advanced algorithms and electronic control systems for autonomous operation, the imperative for an integrated approach to safety and security becomes more pronounced. The reliability of these systems hinges not solely on their operational efficiency under standard conditions but also on their robustness against malicious intrusions and other security perils [3].

A holistic analysis guarantees that safety measures to mitigate specific risks do not unintentionally create new vulnerabilities. For instance, safety mechanisms designed to override driver control in particular scenarios must be impervious to cyber-attacks or unauthorized interference [1].

The amalgamation of safety and security analysis is crucial in confronting the entire risk spectrum of modern automotive systems. This integrated methodology is advantageous for identifying and mitigating risks and essential for sustaining consumer confidence and assuring the enduring success of automotive technologies [5].

 Benefits and Challenges Associated with HATARA:-
The Integrated HATARA (Hazard Analysis and Threat Assessment Risk Analysis) Methodology presents numerous advantages and challenges in its application.



 Advantages of the Integrated HATARA Methodology:

 Comprehensive Risk Assessment: The integrated HATARA framework allows for an extensive evaluation of risks, acknowledging the interactions between safety and security. This holistic perspective ensures that risks are appraised not in isolation but concerning their influence on the entire system [5].
 Increased Development Efficiency: The fusion of HARA and TARA streamlines the development process. This integration facilitates the concurrent consideration of safety and security, thereby diminishing the necessity for separate evaluations, leading to time and resource conservation [3].
 Enhanced System Dependability and Credibility: An integrated methodology augments the overall system’s dependability. The system is fortified against a broad spectrum of potential failures and threats by concurrently addressing safety and security risks and elevating user confidence [1].

 Challenges in Implementing the Integrated HATARA Methodology:

 Complexity in Methodological Alignment: The amalgamation of HARA and TARA necessitates synchronizing diverse methodologies and principles, a complex task. Each methodology encompasses distinct standards and procedures that require harmonization for efficacious integration [9].
 Requirement for Dual Domain Expertise: Executing an integrated approach demands expertise in both the safety and security domains. This dual proficiency is pivotal for effectively identifying and mitigating risks, yet it can be challenging to find within a single team or individual [10].
 Potential for Increased Initial Development Efforts: While the integrated approach may yield long-term efficiency gains, it may entail more intensive planning and analysis in the initial stages. Such augmented upfront efforts can pose challenges, especially regarding resource distribution and project scheduling [11].

The structure of the paper is methodically organized to facilitate a comprehensive understanding of its contents. Section II offers an in-depth background analysis, highlighting the pivotal aspects of ISO 26262 and ISO 21434 standards, delineating their differences, similarities, and the existing gaps between them. It elaborates on the significance of integrating these standards within the HATARA framework, addressing its relevance and the challenges it poses. Following this, Section III details the HATARA methodology’s proposed approach. Section IV applies this methodology to a case study focusing on Autonomous Vehicles (AVs) in both urban and highway settings, incorporating relevant research to support its implementation. A thorough discussion is presented in Section V, which critically examines the findings and implications of the study. The paper concludes with Section VI, which encapsulates the key conclusions drawn from the research, providing a closure to the discourse presented.

II. BACKGROUND

A. Concepts and Definitions of HARA and TARA:-

 Hazard Analysis and Risk Assessment (HARA): HARA constitutes a critical methodology within the automotive sector, focusing on identifying and evaluating safety hazards that might inflict harm on individuals, property, or the environment. This structured approach, delineated in the ISO 26262 standard, pertains to creating safety-relevant systems involving electrical, electronic, and software components. The identified risks are categorized by their Automotive Safety Integrity Level (ASIL), which is determined based on factors such as Controllability, Severity, and Exposure [3].
 Threat Analysis and Risk Assessment (TARA): TARA represents a process dedicated to pinpointing and assessing cybersecurity threats that may impair the functionality, integrity, or accessibility of a system or its data. Integral to the ISO/SAE 21434 standard, TARA focuses on the management and scrutiny of electrical systems in road vehicles from a cybersecurity standpoint [12].
 ISO 26262: ISO 26262 stands as a pivotal international standard, focusing on the functional safety of electrical and electronic systems in road vehicles. This standard addresses the hazards posed by malfunctions within these systems. It offers comprehensive guidelines and stipulations for functional safety, encompassing an automotive safety lifecycle, vital safety aspects of the development process, Automotive Safety Integrity Levels (ASILs), and stipulations for the validation and confirmation measures [13].
 ISO 21434: ISO 21434, an international standard dedicated to cybersecurity engineering in road vehicles, establishes guidelines and requirements for executing TARA. It plays a crucial role in ensuring that cybersecurity considerations are interwoven throughout the vehicle’s lifecycle [14].

This emergent standard is designed to confront future challenges in automotive cybersecurity. It underpins the development of automotive cybersecurity engineering across various facets: risk assessment management, product development, operational maintenance, and process audit. Central to this standard is establishing uniform terminology and methodologies for risk assessment in the cybersecurity domain. It concentrates on the cybersecurity risks associated with the design and engineering of vehicular electronics. Table I represents the key features of both ISO 26262 and ISO 21434 standards.

 Similarities between HARA and TARA:



 Both HARA and TARA employ methodical and structured methodologies.
 These approaches include identifying, analysing, and mitigating risks.
 They necessitate documenting and reviewing results and procedures [17].

 Differences between HARA and TARA:

 HARA concentrates on safety hazards that may cause physical injury or damage. In contrast, TARA is oriented towards cybersecurity threats that might result in loss of control, privacy intrusions, or data corruption.
 For risk assessment, HARA applies metrics such as severity and probability; contrastingly, TARA utilizes impact and likelihood as its metrics.
 They often differ in their respective sources, targets, and agents of risk [18].

 Gaps and Limitations:

 Typically, HARA and TARA are conducted independently, which may lead to potential inconsistencies, duplications, or contradictions in their findings.
 There may be a need for more comprehensive coverage regarding the interactions and dependencies between safety and cybersecurity facets.
 HARA and TARA may not sufficiently address the dynamic and changing nature of the operational environment and the threat landscape [19].

B. Purpose of the Integrated HATARA Framework:-
The rationale behind developing an integrated HATARA (Hazard Analysis and Threat Analysis Risk Assessment) framework stems from contemporary vehicles’ escalating intricacy and interconnectivity. This framework addresses automotive systems’ safety (HARA) and security (TARA) aspects. The fundamental objective of the HATARA framework is to refine and streamline the risk assessment process. Amalgamating HARA and TARA diminishes redundant efforts, thereby enhancing the efficiency and efficacy of risk management within the automotive industry [18]. HATARA also aims to guarantee uniformity and comprehensiveness in analysis outcomes. It recognizes and addresses the interdependencies between safety and security risks, ensuring that mitigation strategies for one domain do not inadvertently engender new risks in the other [20]. Table II illustrates the integration of features from both ISO 26262 and ISO 21434 standards, showcasing how they interrelate and support each other in the overarching framework.

Integrating ISO 26262 (focusing on functional safety) and ISO 21434 (concentrating on cybersecurity) involves a series of steps:

 Understanding the Scope: Recognize that ISO 26262 deals with hazards arising from malfunctions in electronic and electrical systems in vehicles. At the same time, ISO 21434 is concerned with cybersecurity risks in designing and developing car electronics.
 Leveraging Similarities: Both standards offer frameworks for the lifecycle of automotive electronic and electrical safety-related systems and adopt a risk-based approach for determining risk classes, along with validation and confirmation measures. These commonalities can be utilized to forge a unified approach.

Table 1 Key Features of ISO 26262 and ISO 21434 [15], [16]

Key Features | ISO 26262 | ISO 21434
Scope | Addresses potential hazards caused by malfunctions in electronic and electrical systems in vehicles | Addresses the cybersecurity risks inherent in the design and development of car electronics
Lifecycle Framework | Provides a framework for the entire lifecycle of automotive electronic and electrical safety-related systems | Provides a framework for the entire lifecycle of automotive electronic and electrical safety-related systems
Risk-Based Approach | Has a risk-based approach for determining risk classes | Has a risk-based approach for determining risk classes
Validation and Confirmation Measures | Provides requirements for validation and confirmation measures | Provides requirements for validation and confirmation measures
Functional Safety vs Cybersecurity | Focuses on functional safety | Focuses on cybersecurity
Gap Filling | - | Addresses the cybersecurity risks inherent in the design and development of car electronics
Detailed Guidelines and Requirements for Functional Safety | Provides a set of detailed guidelines and requirements for functional safety | -
Automotive Cybersecurity Engineering | - | Provides a framework for automotive cybersecurity engineering
Standard Terminology and Methods for Risk Assessment in the Field of Cybersecurity | - | Establishes a common terminology and methods for risk assessment in the field of cybersecurity



Table 2 Features of Integrated HATARA: Fusion of ISO 26262 and ISO 21434 [15], [16]

Key Features/Attributes | ISO 26262 | ISO 21434 | Integrated HATARA
Addresses potential hazards caused by malfunctions in electronic and electrical systems in vehicles | ✓ | × | Develop a unified safety policy that addresses both functional safety and cybersecurity risks
Addresses the cybersecurity risks inherent in the design and development of car electronics | × | ✓ | Develop a unified safety policy that addresses both functional safety and cybersecurity risks
Provides a framework for the entire lifecycle of automotive electronic and electrical safety-related systems | ✓ | ✓ | Implement a unified lifecycle framework that incorporates both safety and security considerations at each stage of the lifecycle
Has a risk-based approach for determining risk classes | ✓ | ✓ | Develop a unified risk assessment process that considers both safety and security risks
Provides requirements for validation and confirmation measures | ✓ | ✓ | Implement a unified validation and confirmation process that verifies safety and security requirements
Focuses on functional safety | ✓ | × | Ensure that both safety and security are considered in all activities
Focuses on cybersecurity | × | ✓ | Ensure that both safety and security are considered in all activities
Addresses the cybersecurity risks inherent in the design and development of car electronics | × | ✓ | Implement a process for identifying and addressing gaps in safety and security
Provides a set of detailed guidelines and requirements for functional safety | ✓ | × | Develop a unified set of guidelines and requirements addressing functional safety and cybersecurity
Provides a framework for automotive cybersecurity engineering | × | ✓ | Develop a unified set of guidelines and requirements addressing functional safety and cybersecurity
Establishes a common terminology and methods for risk assessment in the field of cybersecurity | × | ✓ | Establish a common terminology and methods for risk assessment in the field of both functional safety

 Addressing Differences: Acknowledge that ISO 26262 is dedicated to functional safety, whereas ISO 21434 focuses on cybersecurity. These differences should be reconciled to afford equal importance to operational safety and cybersecurity.
 Filling the Gaps: ISO 21434 complements ISO 26262 by addressing cybersecurity risks, a dimension not covered by ISO 26262. This complementary nature should be integral to the integration process.
 Developing a Unified Approach: Formulate a cohesive strategy for functional safety and cybersecurity, understanding that cybersecurity is an extension of safety rather than an isolated discipline.
 Continuous Improvement: Persistently enhance and update the integrated approach as both standards evolve and new challenges and risks emerge.

The objective is to ensure that automotive products and vehicles are compliant and ready for the market, balancing cybersecurity and functional safety. This endeavour requires an appreciation of the interconnectedness of these two standards, recognizing them as complementary facets of automotive systems’ safety and security.

C. Overview and Contributions:-
The HATARA methodology is meticulously delineated, showcasing its implementation in the case of an autonomous vehicle. This illustration is a practical testament to its applicability and effectiveness within the automotive sector. A primary contribution of this study is introducing an innovative, all-encompassing method for amalgamating safety and security risk assessments. This approach fills the prevailing void in automotive system development, where safety and security have traditionally been addressed in isolation [21]. Furthermore, the study offers guidance and suggestions for future research endeavors, pointing towards potential avenues for advancing and refining integrated safety and security frameworks.

D. Importance and Challenges

 In-Depth Evaluation of the Present Approaches: The research critically examines existing practices in automotive safety and security, underscoring the necessity of an integrated methodology in response to the dynamic evolution of automotive technologies and threats.
 Recognition of Deficiencies in Current Strategies: It acknowledges the shortcomings of current methods, notably the absence of a cohesive framework that concurrently caters to safety and security aspects in automotive systems [22].
 Innovations and Contributions Rendered by HATARA: The HATARA model introduces significant advancements in risk assessment practices by integrating safety and security analyses. This integrated approach not only bolsters risk management effectiveness but also aids in fostering more resilient automotive systems.



The integrated HATARA framework fulfills the critical need for a unified approach towards safety and security in the automotive industry. It surpasses existing methodologies and offers insightful perspectives for future innovations in this evolving field.

III. METHODOLOGY

A. Integrated HATARA Process:-
The HATARA Methodology represents an innovative approach that amalgamates Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA). This methodology is designed to conduct exhaustive safety and security analyses for systems, products, or processes in the automotive industry.

B. Steps of the HATARA Method:-

 Defining System and Context: The initial phase involves determining the system’s scope, goals, and limitations, encompassing its environment and operational scenarios [23].
 Identification of Hazards and Threats: This step entails systematically identifying potential safety hazards and cybersecurity threats that might impact the system [24].
 Risk Analysis: In this phase, the risks associated with the identified hazards and threats are evaluated, considering their severity, likelihood, and potential consequences [25].
 Implementation of Mitigation Strategies: This involves developing and executing strategies to reduce or eliminate the identified risks [26].
 Documentation and Monitoring: The process, outcomes, and actions implemented are thoroughly documented, with ongoing monitoring for new risks [27].

C. Review and Update:-
The risk assessment is periodically reviewed and updated to reflect any system or environment changes [17].

The HATARA Methodology thus provides a structured and comprehensive framework for addressing safety and security in the automotive sector, ensuring continuous improvement and adaptation to evolving risks.

D. Input and Output Tools and Benefits of the Integrated HATARA Process:-

 Inputs: The process commences with gathering system specifications, operational scenarios, and relevant standards and regulations. These inputs form the foundational basis for the HATARA methodology.
 Outputs: This methodology’s outputs include identifying hazards and threats, thorough risk assessments, formulation of mitigation measures, and comprehensive analysis reports.
 Tools Utilized in HATARA: A variety of tools can support the HATARA method. These tools encompass techniques for hazard and threat identification, risk assessment methodologies, and risk mitigation strategies.

Benefits of the HATARA Approach: The HATARA methodology addresses the limitations and gaps present in existing methods by providing a cohesive framework that simultaneously considers both safety and security aspects. It ensures that the analysis results are consistent and complete, thereby aiding in the decision-making and implementation processes in the development of automotive systems.

The integrated HATARA process significantly advances automotive safety and security. It presents a comprehensive and systematic approach to effectively managing modern vehicles’ intricate and interconnected risks.

E. Integrated HATARA Process

 Conceptual Framework:

 Development of a Unified Model: Creating a unified model is a critical step, integrating the principles of HARA and TARA to form a comprehensive framework. This model methodically covers safety hazards and cybersecurity threats in the automotive sector, ensuring a holistic approach to system risk management [28].
 Construction of a Flowchart: A flowchart that outlines the HATARA methodology’s steps and interactions visually represents the sequence. It begins with identifying hazards and threats and culminates in implementing mitigation strategies [29].

 Identification of Scope:

 Determining System Boundaries: Defining the system’s boundaries for analysis is essential, encompassing an understanding of its operational environment and interactions with external factors [23].




Fig. 1 Process Flow Methodology Implementation for Integrated HATARA Approach

 Criteria for Hazard and Threat Identification: Establishing specific criteria for hazard and threat identification is vital. This ensures the analysis is targeted and relevant and effectively identifies potential safety and security risks [30].

 Data Collection:

 Gathering Data: Collecting pertinent data on potential hazards and threats involves consulting expert opinions, examining historical data, utilizing predictive models, and tapping into industry-specific knowledge bases [18].
 Utilizing Various Information Sources: Employing a range of sources, such as incident reports, simulation outcomes, and industry trends, is crucial for an exhaustive and accurate data collection process.

 Risk Analysis:

 Severity and Likelihood Evaluation: The process involves a detailed assessment of the severity and likelihood of the identified hazards and threats. This evaluation can be conducted through quantitative tools like risk matrices or qualitative methods, including expert opinions [20].
 Employing Varied Risk Assessment Techniques: Using diverse risk assessment methods is instrumental in gauging the potential impacts of the identified risks on the automotive system.

 Integration of Findings:

 Cross-referencing Hazards and Threats: Identifying potential overlaps or interdependencies between hazards and threats is vital, as this step is critical to a thorough risk assessment. This identification aids in comprehending the intricate relationship between safety and security risks [31].
 Prioritization of Risks: Post-integration, risks are prioritized based on the assessment outcomes, which directs the focus toward the most critical areas for mitigation strategies.

 Mitigation Strategy Development:

 Formulating Comprehensive Strategies: The development of mitigation strategies encompasses considerations of system design, operational procedures, and emergency response plans, ensuring both safety and security risks are addressed [22].
 Maintaining a Balanced Approach: It is crucial to ensure that the mitigation strategies are balanced, safeguarding against compromising one system aspect (safety or security) for the other.

 Documentation and Reporting: In the HATARA process, meticulous documentation and comprehensive reporting are pivotal for ensuring transparency and accountability across the risk assessment and mitigation stages.

 Process Documentation: Documenting each phase of the HATARA method is critical. This documentation details the methodologies employed, data gathered, decisions made, and the reasoning behind each decision. Such thorough documentation is instrumental in establishing a transparent, traceable record of the risk assessment and mitigation strategies, aiding in internal reviews and external audits [25].
 Reporting: The preparation of exhaustive reports is essential in summarizing the outcomes of the risk assessment and the implemented mitigation strategies. These reports should delineate the identified risks, their potential impacts, the measures taken for mitigation, and any remaining risks. They act as a critical communication medium for stakeholders, offering insights into the efficacy of the risk management process [32].

IJISRT24FEB335 www.ijisrt.com 387


• Review and Continuous Improvement: The ethos of continuous improvement is integral to the HATARA process, ensuring the ongoing relevance and effectiveness of the risk assessment and mitigation strategies.
  - Periodic Review Mechanisms: Instituting regular review mechanisms is crucial for maintaining the efficacy of the HATARA method. These reviews should evaluate the current risk landscape and the effectiveness of existing mitigation strategies and identify any necessary adjustments. Reviews should be conducted at predetermined intervals and respond to significant changes in the system or its operational context [33].
  - Adaptation and Enhancement: The HATARA process should be adaptable and capable of integrating new information, emerging risks, and technological advancements. Continuous improvement efforts should refine risk assessment methodologies, update mitigation strategies, and bolster overall system resilience. This adaptive stance ensures that the HATARA process remains robust and efficacious amidst the evolving dynamics of automotive safety and security [34].

In essence, rigorous documentation and reporting play a crucial role in upholding the integrity and transparency of the HATARA process. Regular assessments and an ethos of continuous improvement are vital to ensure that the process stays aligned with contemporary safety and security standards in the automotive industry.

IV. CASE STUDY: AUTONOMOUS VEHICLE (AV) IN URBAN AND HIGHWAY ENVIRONMENTS

A. Defining System and Context

• System Description: The Autonomous Vehicle (AV) being examined is an intricate ensemble of hardware and software geared for autonomous operation, eliminating the need for human driving input. It incorporates advanced technologies, including sensory apparatus like LIDAR, cameras, GPS, actuators, control systems, and communication modules. These elements synergize to facilitate autonomous navigation and decision-making in the AV [35].
• Operational Context in Different Environments: In urban settings, the AV confronts complex challenges such as managing intersections, pedestrian pathways, and diverse traffic conditions, necessitating sophisticated decision-making and environmental interpretation skills. Conversely, highway driving presents distinct challenges, including sustaining higher speeds, lane-keeping, and adapting to the driving behaviors of other vehicles. The AV must effectively interpret and respond to these multifaceted inputs to ensure safe functionality across these varied driving contexts [36].

The AV's proficiency in these environments hinges on its advanced sensory systems and intricate algorithms, which detect and respond aptly to many static and dynamic factors like vehicles, traffic signs, pedestrians, and diverse road conditions. In urban landscapes, the AV must navigate complex street designs, identify and react to pedestrian activities, and adjust to abrupt traffic variations. On highways, it faces challenges such as maintaining safe vehicular distances, executing lane shifts, and managing high-speed driving conditions.

The capability of AVs in these scenarios is further enhanced by their learning and adaptability to new situations, an aspect that is continuously advancing with technological progress. Research in this field is centered on refining the precision and dependability of autonomous systems, bolstering their competence in dealing with the unpredictable dynamics of real-world driving environments.

B. Identifying Hazards and Threats in Autonomous Vehicles

• HARA (Safety Hazards):
  - Hazard 1: Software Malfunction Leading to Speed Variability: A prominent risk in Autonomous Vehicles (AVs) is unintended acceleration or deceleration due to software errors. Such malfunctions can cause unexpected speed changes, increasing the risk of loss of control and potential accidents. Given the intricacy of AV software systems, addressing this hazard is vital in the development phase [37].
  - Hazard 2: Obstacle Detection System Failure: The risk of the vehicle's failure to accurately detect and react to obstacles, such as other vehicles, pedestrians, or roadblocks, is a concern. This could be due to sensor malfunctions or algorithmic errors. Ensuring the reliability of sensor fusion and algorithms is crucial in mitigating this risk [38].

• TARA (Cybersecurity Threats):
  - Threat 1: Unauthorized Access via Wireless Interfaces: A critical cybersecurity threat is the possibility of hackers gaining access to the vehicle's control systems through wireless networks. This unauthorized access could lead to manipulation of the vehicle's operations. Securing wireless interfaces is essential in mitigating this threat [12].
  - Threat 2: Sensor Data Manipulation: This threat involves external entities tampering with the vehicle's sensor data, leading to inaccurate environmental perception and incorrect vehicular responses. Maintaining the integrity and authenticity of sensor data is crucial to counteract this threat [1].

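As an added example (not code from the paper or from any project it cites), the following Python monitor shows how Hazard 1, Hazard 2 and Threat 2 above can be watched for at runtime, in the spirit of the multi-sensor fusion and anomaly-detection mitigations the case study proposes later in subsection D: it checks that the LIDAR, radar and camera range estimates agree with their median, so a single faulty or tampered sensor is outvoted, and that commanded speed changes stay within a physical acceleration bound. The sensor names, the thresholds MAX_ACCEL and RANGE_TOL, and the sample frames are constructed for illustration and are not values from the paper.

```python
"""Runtime plausibility monitor for the AV case study (added example).

Two cheap per-frame checks that a fusion / anomaly-detection layer can run:
  1. cross-sensor agreement: each range sensor is compared with the median of
     all present readings; a reading far from that median is implausible
     (sensor fault or manipulated data).  With three sensors the median is
     robust to one bad reading, which is why fewer than three are not voted.
  2. kinematic bound: the commanded speed may not change faster than the
     vehicle can physically accelerate; a larger jump points to a software
     fault or a manipulated command.
Thresholds and sample data are constructed, not taken from the paper.
"""
from dataclasses import dataclass
from statistics import median


@dataclass
class Frame:
    t: float          # seconds
    speed_cmd: float  # commanded speed, m/s
    ranges: dict      # sensor name -> range to nearest obstacle in m (None = no return)


@dataclass
class Finding:
    t: float
    kind: str         # "SENSOR_DISAGREEMENT" | "SENSOR_DROPOUT" | "SPEED_JUMP"
    detail: str


MAX_ACCEL = 4.0   # m/s^2, constructed plausibility bound for commanded speed
RANGE_TOL = 0.25  # a sensor more than 25% off the median of all sensors is flagged


def check_ranges(frame):
    """Flag sensors that report nothing or disagree with the group median."""
    findings = []
    present = {k: v for k, v in frame.ranges.items() if v is not None}
    for name in frame.ranges:
        if name not in present:
            findings.append(Finding(frame.t, "SENSOR_DROPOUT", f"{name} returned no reading"))
    if len(present) < 3:
        return findings  # a median of two cannot outvote a bad reading
    ref = median(present.values())
    if ref <= 0:
        return findings
    for name, value in present.items():
        if abs(value - ref) / ref > RANGE_TOL:
            findings.append(Finding(frame.t, "SENSOR_DISAGREEMENT",
                                    f"{name}={value:.1f} m vs median {ref:.1f} m"))
    return findings


def check_speed(prev, cur):
    """Flag a commanded acceleration the vehicle cannot physically produce."""
    dt = cur.t - prev.t
    if dt <= 0:
        return []
    accel = (cur.speed_cmd - prev.speed_cmd) / dt
    if abs(accel) > MAX_ACCEL:
        return [Finding(cur.t, "SPEED_JUMP",
                        f"commanded accel {accel:.1f} m/s^2 exceeds {MAX_ACCEL} m/s^2")]
    return []


def monitor(frames):
    """Run both checks over a sequence of frames and return all findings in order."""
    findings = []
    prev = None
    for frame in frames:
        findings.extend(check_ranges(frame))
        if prev is not None:
            findings.extend(check_speed(prev, frame))
        prev = frame
    return findings


# Constructed sample at 0.1 s intervals: at t=0.2 the camera range is
# manipulated to read "clear road" while LIDAR and radar still see an obstacle
# near 39 m; at t=0.3 the camera drops out and the commanded speed jumps from
# 14 to 20 m/s within 0.1 s (60 m/s^2), far beyond the plausibility bound.
SAMPLE = [
    Frame(0.0, 13.9, {"lidar": 42.1, "radar": 41.6, "camera": 42.8}),
    Frame(0.1, 14.0, {"lidar": 40.7, "radar": 40.2, "camera": 41.0}),
    Frame(0.2, 14.0, {"lidar": 39.3, "radar": 38.9, "camera": 120.0}),
    Frame(0.3, 20.0, {"lidar": 37.8, "radar": 37.5, "camera": None}),
]

if __name__ == "__main__":
    for f in monitor(SAMPLE):
        print(f"t={f.t:.1f}s {f.kind}: {f.detail}")
```

Running the file prints one disagreement finding for the camera at t=0.2 and, at t=0.3, a dropout for the camera and a speed-jump finding. A finding here is a trigger for the fallback path (for example, holding the last plausible range and limiting acceleration), not a diagnosis; distinguishing a sensor fault from manipulation is left to the authenticity measures the paper discusses under Threat 2.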


The process of identifying these hazards and threats is crucial in the development and deployment of Autonomous Vehicles. It requires a thorough understanding of the vehicle's operational capabilities and potential cybersecurity vulnerabilities. Effectively addressing these risks is fundamental to ensuring the safety and security of AVs across various driving contexts.

C. Analyse Risks

• HARA (Safety Risks):
  - Risk Analysis for Unintended Acceleration: Severity: High. Malfunctions leading to unintended acceleration can result in serious injuries or fatalities due to unpredictable vehicle behavior, posing a substantial risk to passengers and other road users. Probability: Low, provided the vehicle incorporates sophisticated software design and has been subjected to extensive testing protocols to mitigate such risks [37].
  - Risk Analysis for Obstacle Detection Failure: Severity: High. Inadequacies in obstacle detection increase collision risk, significantly elevating safety hazards. Probability: Medium. The likelihood of this risk depends on the sensors' dependability and performance under various environmental conditions [38].

• TARA (Cybersecurity Risks):
  - Risk Analysis for Unauthorized Access: Impact: High. Unauthorized access can compromise vehicle control and privacy breaches, adversely affecting passenger safety and data security. Likelihood: Medium. While basic cybersecurity measures can moderate this risk, vulnerabilities still pose a considerable concern [12].
  - Risk Analysis for Sensor Data Manipulation: Impact: High. Tampering with sensor data can distort the vehicle's decision-making, leading to incorrect and potentially hazardous actions. Likelihood: Low. These attacks typically require advanced techniques and are less frequent, though ongoing vigilance is essential given the evolving nature of cybersecurity threats [1].

The risk analysis encompassing safety and cybersecurity is crucial for assuring Autonomous Vehicles' overall dependability and safety. This comprehensive analysis not only aids in prioritizing risk mitigation efforts but also steers the development process toward strengthening AVs' safety and security features.

D. Risk Mitigation Strategies

• HARA (Safety Mitigations):
  - Implementation of Redundant Systems: Introducing backup systems for critical functionalities such as acceleration and braking is crucial. These redundant systems act as a safety net, taking over control to maintain vehicle safety in case of a primary system failure, thus diminishing the likelihood of accidents caused by unintended speed changes [37].
  - Adoption of Multi-Sensor Fusion Techniques: Employing an integration of data from diverse sensors, including LIDAR, cameras, and radar, significantly bolsters the reliability and precision of obstacle detection. This method amalgamates inputs from various sources, providing a more detailed and accurate understanding of the vehicle's surroundings, thereby improving its ability to detect and react to obstacles [38].

• TARA (Cybersecurity Mitigations):
  - Robust Encryption and Secure Authentication: Strengthening all wireless communications with robust encryption and secure authentication protocols is essential to thwart unauthorized access. This protection extends to vehicle-to-vehicle and vehicle-to-infrastructure communications, ensuring only authorized entities can interact with the vehicle's systems [12].
  - Advanced Anomaly Detection Systems: Implementing sophisticated systems to identify and address abnormal patterns or manipulations in sensor data is critical. These systems are designed to detect and counteract data integrity threats, guaranteeing the vehicle's operations are based on accurate and reliable sensor inputs. Machine learning and artificial intelligence techniques are increasingly employed for such anomaly detection [39].

Integrating these mitigation strategies across both safety and cybersecurity realms is pivotal in assuring Autonomous Vehicles' overall safety and dependability. This holistic approach to risk mitigation is vital in tackling the multifaceted and dynamic array of threats and vulnerabilities that modern AVs encounter.

E. Document and Monitor

• Documentation:
  - Comprehensive Risk Reporting: Creating an in-depth report that encapsulates all identified risks is fundamental. This document should encompass detailed evaluations of each risk, including their severity, probability, or likelihood, and the mitigation strategies implemented for safety and cybersecurity concerns.

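To make such a risk report concrete, here is an added Python example (not the paper's code) that records the two hazards and two threats of the case study with the ratings assigned in subsection C, scores each on one qualitative risk matrix so that HARA severity/probability and TARA impact/likelihood land on a common scale, cross-references each threat to the hazard it can trigger (the integration-of-findings step), orders the combined list for the report, and flags any mitigation annotated as helping one domain while possibly weakening the other (the balanced-approach check from Section III). The matrix thresholds, the threat-to-hazard links and the mitigation side-effect annotations are constructed assumptions for illustration, not values stated in the paper.

```python
"""Integrated HATARA risk register for the AV case study (added example).

Hazards (HARA) and threats (TARA) are kept in one list.  A hazard's severity
and a threat's impact are both stored as "consequence", and probability /
likelihood as "likelihood", so a single matrix ranks them together.
Matrix cut-offs, threat->hazard links and side-effect annotations are
constructed for the example and are not taken from the paper.
"""
from dataclasses import dataclass, field

LEVELS = {"Low": 1, "Medium": 2, "High": 3}


def risk_level(consequence, likelihood):
    """Constructed 3x3 matrix: product of ordinal scores mapped to a level."""
    score = LEVELS[consequence] * LEVELS[likelihood]  # 1..9
    if score >= 6:
        return "High"
    if score >= 3:
        return "Medium"
    return "Low"


@dataclass
class Mitigation:
    name: str
    safety_effect: int    # +1 helps, 0 neutral, -1 may hurt (constructed annotation)
    security_effect: int


@dataclass
class RiskItem:
    id: str
    domain: str           # "HARA" or "TARA"
    name: str
    consequence: str      # severity (HARA) or impact (TARA)
    likelihood: str       # probability (HARA) or likelihood (TARA)
    mitigations: list = field(default_factory=list)
    triggers: list = field(default_factory=list)  # hazard ids this threat can cause
    ref: str = ""

    @property
    def level(self):
        return risk_level(self.consequence, self.likelihood)


def build_register():
    # Constructed annotation on the redundancy mitigation: a second control
    # path is also a second interface to protect, so it is marked as possibly
    # weakening security while strengthening safety.
    redundancy = Mitigation("Redundant acceleration/braking systems", +1, -1)
    fusion = Mitigation("Multi-sensor fusion (LIDAR, camera, radar)", +1, +1)
    crypto = Mitigation("Encrypted, authenticated wireless links", 0, +1)
    anomaly = Mitigation("Sensor-data anomaly detection", +1, +1)
    return [
        RiskItem("H1", "HARA", "Software malfunction -> speed variability",
                 "High", "Low", [redundancy], ref="[37]"),
        RiskItem("H2", "HARA", "Obstacle detection failure",
                 "High", "Medium", [fusion], ref="[38]"),
        # constructed links: a remote intruder with control access can cause H1,
        # manipulated sensor data can cause H2
        RiskItem("T1", "TARA", "Unauthorized access via wireless interfaces",
                 "High", "Medium", [crypto], triggers=["H1"], ref="[12]"),
        RiskItem("T2", "TARA", "Sensor data manipulation",
                 "High", "Low", [anomaly], triggers=["H2"], ref="[1]"),
    ]


def cross_reference(items):
    """hazard id -> list of threat ids that can cause it."""
    links = {}
    for item in items:
        for hazard_id in item.triggers:
            links.setdefault(hazard_id, []).append(item.id)
    return links


def prioritize(items):
    """Highest matrix level first; among equals, a hazard that a threat can also
    cause outranks one with a single cause; then higher consequence first."""
    links = cross_reference(items)

    def key(item):
        return (LEVELS[item.level], len(links.get(item.id, [])), LEVELS[item.consequence])

    return sorted(items, key=key, reverse=True)


def tradeoff_review(items):
    """(risk id, mitigation) pairs whose mitigation may hurt the other domain."""
    return [(item.id, m.name) for item in items for m in item.mitigations
            if min(m.safety_effect, m.security_effect) < 0]


def report(items):
    """One line per risk, in priority order, for the comprehensive risk report."""
    return [f"{i.id} {i.domain:4} {i.level:6} {i.name} "
            f"(consequence={i.consequence}, likelihood={i.likelihood}) {i.ref}"
            for i in prioritize(items)]


if __name__ == "__main__":
    reg = build_register()
    print("\n".join(report(reg)))
    print("threats that can cause each hazard:", cross_reference(reg))
    print("mitigations needing trade-off review:", tradeoff_review(reg))
```

With the case-study ratings the register ranks H2 and T1 as High and H1 and T2 as Medium, places H2 first because it is both a safety hazard and the outcome of a security threat, and lists the redundancy mitigation for trade-off review. A real assessment would replace the constructed matrix with the team's ISO 26262 and ISO/SAE 21434 scales, but the shape of the register is the point: one table, one ordering, explicit links between the two analyses.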


  - This documentation is a critical resource for stakeholders, offering a transparent and detailed account of the decision-making process and the justification for each chosen mitigation approach. It is not just crucial for current comprehension and implementation but also serves as a foundation for future system modifications or updates. Including all pertinent details ensures the process's replicability and auditability [40].

• Monitoring:
  - Ongoing System Surveillance: Setting up a perpetual monitoring system is crucial to verify the efficacy of the applied risk mitigation measures. This should involve routine evaluations of the system's performance to confirm that the risk mitigation strategies are operating effectively and to pinpoint potential areas for enhancement.
  - Incorporating updates in response to technological progress or emerging threats is essential to sustain the system's resilience against novel and evolving risks. Monitoring should be a continual element of the system's lifecycle, adapting to new challenges and upholding the highest levels of safety and security. This proactive stance ensures that the system remains robust and equipped to manage the evolving nature of safety and cybersecurity threats in the automotive industry [41].

In summary, documenting and monitoring are integral components of the risk management framework in Autonomous Vehicles. These processes ensure that all undertaken measures are meticulously recorded and assessed for their effectiveness, facilitating necessary adaptations and enhancements to boost the overall safety and security of the system.

F. Review and Update:-

The continuous evaluation and refinement of both Hazard Analysis and Risk Assessment (HARA) and Threat Analysis and Risk Assessment (TARA) are essential aspects of the lifecycle of an autonomous vehicle (AV) system. Regular review and updates are fundamental to ensure that the system remains effective and adaptable to changes in its operational environment, technological progress, and new threats.

• Systematic Review Process: Conducting thorough and periodic reviews is necessary to completely reevaluate safety hazards and cybersecurity threats. This process should involve reassessing the severity, probability, and impact of identified risks and the efficiency of the existing mitigation strategies. Such reviews are critical to ensure that risk assessments and mitigation plans remain congruent with the current state of the AV system and its operational context [5].
• Commitment to Continuous Improvement: Embracing a continuous improvement approach is crucial for upholding the safety and security integrity of the AV system over time. This approach entails modifying and enhancing the HARA and TARA processes based on new insights, technological advancements, and operational feedback. It ensures that the AV system complies with the latest safety and security standards while being equipped to face future challenges and risks [11].

By integrating Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA), AV development teams can adopt a comprehensive approach to system safety and security. This unified method not only pinpoints potential safety hazards and cybersecurity threats but also facilitates the deployment of extensive mitigation strategies. The amalgamation of HARA and TARA results in a more resilient and robust design of the AV, effectively managing the complex risks associated with automated systems. This strategy is indispensable for developing AVs that are not only technologically sophisticated but also dependable and secure in various operational scenarios.

G. Exploration of Integrated Safety and Cybersecurity in Automotive Systems:-

The current study by Martin et al. entitled 'In Search of Synergies in a Multi-Concern Development Lifecycle: Safety and Cybersecurity' embarks on an analytical journey exploring the interconnectedness of functional safety and cybersecurity within automotive system development [42]. This investigation is anchored in a case study focusing on a crucial component of automated driving systems. This component is pivotal, aligning with two essential standards: ISO 26262, pertaining to safety, and ISO/SAE 21434, relating to cybersecurity. The study not only delves into the specifics of this component but also offers a broader perspective on the complex interplay between safety and cybersecurity in the automotive domain.

• Comparative Analysis of Development Methodologies: At the heart of this research is a comparative examination of two distinct methodologies in the automotive system lifecycle. One is an integrative approach, considering safety and security concurrently, contrasting sharply with a traditional, sequential method treating these aspects separately. This comparative analysis highlights the intricate nature of automotive system development, where safety and security are closely intertwined.
• Insights from the Integrative Approach: Empirical findings highlight the integrative approach's benefits, notably in robust analysis and efficient reuse of testing resources. However, it reveals that the amalgamation of safety and security, especially in design and protective measures, has not fully matured. This gap indicates the partial integration of these domains in practical applications.



• Positioning Component in Automated Driving: A Case Study: The study focuses on an embedded electronic system in the automotive sector, particularly a positioning component crucial for automated driving. Adherence to ISO 26262 and ISO/SAE 21434 is paramount. The study compares segregated and integrative development methodologies, revealing the integrative approach's superiority in verification and validation but noting its limited application in design phases.
• Separate vs. Integrative Development Strategies: The traditional separate approach treats safety and security as isolated domains, while the integrative approach promotes concurrent consideration. This research section delves into the strengths and weaknesses of both strategies in automotive system development, highlighting the integrative approach's efficiency in verification and validation, yet its limited overlap in design phases.
• The Multi-Concern Development Lifecycle: An Overview: This part introduces the Multi-Concern Development Lifecycle, guiding the creation of automotive systems with dual compliance to safety and security standards. Figure 2 depicts the life cycle processes for standard functionality, augmented with additional functional safety and cybersecurity activities.

H. The lifecycle comprises several phases:-

• Concept Phase: Defining system requirements, including safety and security objectives, identifying the positioning component's functionality, and outlining hazards and threats.
• System Design Phase: Developing the system architecture to meet requirements, translating safety and security goals into technical specifications, with minimal overlap at this stage.
• Hardware/Software Design Phase: Detailing system design into hardware and software components, marked by limited safety-security interplay.
• Implementation Phase: Constructing the designs with often independent safety and security measures.
• Verification Phase: Testing the system for compliance, with the integrative approach showing superior effectiveness.
• Validation Phase: Validating the system against initial objectives, where the integrative method ensures comprehensive validation.
• Operation Phase: Continuous monitoring post-deployment, potentially revisiting previous phases for issue resolution.

Fig 2 Integration of Automotive Safety (ISO 26262) and Security (ISO/SAE 21434) in Co-engineering Approach [42]

Integrated Verification and Validation: In the realm of verification and validation as expounded in this treatise, particularly on the right flank of the V-model, the scope for synergistic approaches is significantly amplified. This is particularly true for the use case under scrutiny. The synergies in question predominantly pertain to testing environments and methodologies employed for dual aspects. A pivotal observation is that the majority of testing mandated by prevailing standards is not exclusively oriented toward safety or cybersecurity. Instead, it is directed at ensuring overarching product quality. The primary divergence lies in the necessity to test specific safety or security mechanisms, which are ancillary to the nominal functioning of the product. Nevertheless, the methodologies for testing these mechanisms frequently overlap with those used for standard procedures.

Three principal domains that stand to gain from integrated engineering strategies have been identified on the right side of the composite development lifecycle. These domains encompass the testing environments, the



objectives of each test within these environments, and the methodologies utilized to achieve these objectives, as depicted in Figure 3. The varying maturity stages of the implementation are examined using model-in-the-loop (MIL), software-in-the-loop (SIL), and hardware-in-the-loop (HIL) approaches.

As delineated in Figure 3, the test environments correspond to distinct levels of integration: component level (test environment 1), system/subsystem level (test environment 2), and complete vehicle level (test environments 3 and 4). These environments offer substantial advantages in terms of reusability across different testing criteria, namely nominal function, security, and safety. This reusability represents a significant benefit over creating, maintaining, and operating separate testing infrastructures. Furthermore, these environments are conducive to regression testing, essential for continuous deployment, and critical for maintaining security standards. Additionally, they facilitate back-to-back testing in scenarios employing model-driven development. Figure 3 further elucidates the objectives of these tests, which can be categorized as follows:

• Assurance of Specification Implementation Accuracy
• Robustness
• Consistency and Correct Implementation of Interfaces
• Functional Performance, Precision, and Timing
• Effectiveness of Mechanisms

These categories aim to identify systematic faults at various integration levels. In the context of the case study addressed in this paper, all the test objectives, barring the effectiveness of mechanisms, exhibit substantial overlap across the different concerns. This aspect dramatically facilitates the process of co-verification for both test environments and objectives. It is noteworthy, however, that the overlap in the "effectiveness of mechanisms" category is contingent upon factors such as tester competence and the nature of the mechanisms employed. Prior research indicates that safety mechanisms can positively and negatively affect system security. Parallel findings are reported regarding the influence of security mechanisms on system safety. Consequently, even in the domain of "effectiveness of mechanisms," the degree of overlap can be enhanced by elevating the proficiency of testers and selecting mechanisms that simultaneously bolster safety and security, wherever feasible.

The paper concludes by underlining the integrative approach's efficacy in reducing oversight risks and enhancing system assurance. However, it acknowledges the limited intersection of safety and security in design and countermeasures. This highlights the need for a nuanced approach recognizing their distinct yet interconnected nature in automotive system development.

V. DISCUSSION

A. Strengths of HATARA:-

• Comprehensive and Integrated Approach: HATARA distinguishes itself as an all-encompassing and integrated method that concurrently addresses safety and cybersecurity aspects of systems, products, or processes. By amalgamating Hazard

Fig. 3. Overview of Testing Techniques and Objectives Across Various Integration Levels and Environments [42]
Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA), HATARA offers a holistic perspective on potential hazards and threats, a critical aspect in the realm of complex systems such as Autonomous Vehicles (AVs) [43].
• Enhancement of Mitigation Strategies: The fusion of safety and cybersecurity within the HATARA framework significantly aids in identifying and implementing robust mitigation strategies. This integrated approach ensures comprehensive consideration and handling of all potential risks, bolstering the overall safety and security of the system [44].
• Efficiency in the Analysis Process: HATARA enhances the efficiency and coherence of the risk analysis process by reducing redundant and inconsistent efforts. Integrating HARA and TARA eliminates the need to conduct separate assessments, streamlining the process. This integrated methodology ensures that safety and security are not viewed in isolation but as interrelated components of a unified framework [10].

The efficacy of the HATARA method lies in its capacity to deliver a comprehensive and integrated analysis of both safety and cybersecurity risks. By addressing these elements concurrently, HATARA empowers the development of systems, particularly in complex domains like autonomous vehicles, to be technologically sophisticated and resilient against a wide range of inherent risks. Such an approach is imperative for ensuring modern automated systems are safe, secure, and reliable.

B. Weaknesses of HATARA:-

• Complexity and Requirement for Specialized Expertise: The intricate nature of HATARA and the need for high-level expertise present significant challenges. Implementing this integrated approach, which encompasses safety and cybersecurity, requires collaboration among diverse experts such as engineers, cybersecurity specialists, and safety professionals. This complexity necessitates specialized knowledge and expertise, which can be a hurdle for some organizations [43].
• Potential for Trade-offs and Conflicts: The merging of safety and cybersecurity objectives within HATARA may lead to potential trade-offs or conflicts, especially concerning performance, cost, and usability. Achieving a balance between these sometimes competing objectives can be challenging, as enhancements in one aspect might entail compromises in another [10].
• Limitations in Applicability: HATARA may not universally apply across all systems, products, or processes. Its suitability is contingent on the particular traits and needs of the system in question. In simpler systems or those with minimal integration between safety and cybersecurity, the complexity entailed in HATARA may not be warranted [45].

The identified weaknesses of HATARA underscore the necessity of meticulous consideration and strategic planning in its adoption. Although it provides extensive advantages, the intricacy of HATARA and the potential for trade-offs and conflicts call for a reasonable and well-considered approach to ensure its effective application in appropriate systems.

C. Implications and Challenges of HATARA

• Impact on System Development and Operation: HATARA significantly influences the development and operation of systems, especially those encompassing safety and cybersecurity. It necessitates a precise definition of the system and context to ensure a thorough understanding and address of all potential hazards and threats. Meticulous identification and assessment of hazards and threats are imperative for managing risks in complex systems like Autonomous Vehicles (AVs) [43].
• Consistency and Effectiveness in Risk Mitigation: The consistent and effective implementation and monitoring of mitigation strategies are vital aspects of HATARA. It contributes to the streamlining of these processes. It ensures that safety and cybersecurity measures are well integrated, continually monitored, and updated in response to changes in operational environments and technological advancements [10].
• Challenges Associated with HATARA:
  - Data and Information Quality: The effectiveness of HATARA is contingent on the availability and quality of data and information. Accurate and current data are essential for precise risk assessments, particularly in dynamic settings such as those encountered by AVs [45].
  - Integration and Compatibility of Tools and Methods: Integrating diverse tools and methodologies required for HATARA poses challenges, especially in complex systems that demand various safety and security measures [44].
  - Stakeholder Communication and Alignment: Another significant challenge is to achieve alignment and effective communication among various stakeholders, including safety engineers, cybersecurity experts, system designers, and operational personnel. This involves reconciling differing perspectives and objectives [46].

The implications and challenges of HATARA underscore the necessity for extensive planning, coordination, and collaboration among all parties involved in systems with integrated safety and cybersecurity features. Despite these challenges, HATARA is crucial in ensuring complex systems' comprehensive safety and security, particularly in fields where safety and security



are deeply interconnected, such as in developing autonomous vehicles.

D. Suggestions for Future Work and Improvement of HATARA:-

• Development of a Standardized Framework: Future initiatives in HATARA should focus on creating and validating a standardized, adaptable framework. This would entail establishing a universally applicable methodology, especially in safety-critical fields like automotive and aerospace. A standardized approach would promote more comprehensive implementation and ensure uniformity in HATARA's application across different systems, products, or processes [43].
• Evaluation and Benchmarking: It is essential to evaluate and compare HATARA with other existing and emerging methodologies to gauge its efficacy and efficiency. Benchmarking HATARA against conventional risk assessment methods will highlight its strengths and pinpoint areas for enhancement, offering insights into its advantages over current practices [44].
• Incorporation of Emerging Technologies: Integrating cutting-edge technologies and techniques, such as artificial intelligence, machine learning, and advanced analytics, could significantly augment HATARA's efficiency and effectiveness. These technologies hold promise for automating segments of the risk assessment process and providing more advanced analysis capabilities [47].
• Conducting Case Studies and Empirical Research: Undertaking more case studies and gathering empirical evidence is crucial to illustrate HATARA's practical benefits and constraints. Applying HATARA in varied contexts and documenting its influence on system safety and security will offer valuable insights. Such case studies are instrumental in providing feedback and guidelines for the ongoing refinement and optimization of the HATARA process [48].

Future research and enhancements in HATARA are imperative for its continued development and efficacy in addressing the growing complexity of safety and cybersecurity challenges in contemporary systems. By focusing on these critical areas, HATARA can be further refined and adapted to meet the diverse requirements of various industries and applications.

VI. CONCLUSION

The article introduces HATARA, a novel methodology integrating Hazard Analysis and Risk Assessment (HARA) with Threat Analysis and Risk Assessment (TARA) for automotive systems. This integrated approach aims to enhance the identification, evaluation, and mitigation of safety and security risks,

unified framework to ensure the development of robust automotive systems. The methodology is presented as a step forward in managing the complexity of modern vehicle systems, highlighting its potential to improve system resilience against diverse risks. The detailed case study delineates a comprehensive overview and implementation of the proposed HATARA approach.

This approach marks notable progress in the domains of safety and security engineering. HATARA extends beyond conventional methods by concurrently addressing both safety hazards and cybersecurity threats. It explores the complex interplay between these areas, ensuring an all-encompassing analysis. Central to HATARA is its integrated framework, which supports informed decision-making. This framework is critical in formulating robust risk mitigation strategies that address safety and security issues, improving the clarity and effectiveness of the risk assessment process. HATARA's dual emphasis on safety and security enables more precise identification and mitigation of risks. This is especially important in systems where the overlap of safety and security is significant, and overlooking one could introduce substantial risks.

HATARA contributes significantly to advancing safety and security engineering, merging these two critical fields into a unified risk assessment approach and establishing new standards for integrated methodologies. HATARA's utility spans multiple sectors, demonstrating its versatility. In the automotive industry, it ensures the integrity of sophisticated vehicular systems. For aerospace, it offers protection for intricate flight control mechanisms. The healthcare field can apply HATARA to secure delicate medical devices and systems, highlighting its wide-ranging applicability.

The HATARA approach represents a significant leap forward in merging safety and security evaluations. Its comprehensive, unified strategy and its potential for widespread application across different sectors underscore its importance as a foundational element in advancing safety and security protocols industry-wide.

REFERENCES

[1]. Luo, Y. Jiang, Z. Zhang, Y. Ren, and S. Hou, "Threat Analysis and Risk Assessment for Connected Vehicles: A Survey," Secur. Commun. Networks, vol. 2021, pp. 12638201126382019, 2021. [Online]. Available: https://consensus.app/papers/threat-analysis-risk-assessment-connectedvehiclesluo/f18ce79fa9bd59b480b9d3c094e20aba/
promoting a more comprehensive understanding of
potential hazards and threats. It underscores the
importance of addressing both safety and security in a

[2]. Y. Tian, J. Li, and X. Huang, “Integrated risk analysis of function safety and cyber security on I&C system of HTP-PM with STPA-SafeSec,” in International Conference on Nuclear Engineering, vol. 86397. American Society of Mechanical Engineers, 2022, p. V005T05A057.
[3]. A. Barreto and Z. Bachir, “SAHARA: Simulation Aided Hazard Analysis and Risk Assessment Methodology,” WIT Transactions on Engineering Sciences, vol. 129, pp. 41–53, 2020. [Online]. Available: https://consensus.app/papers/sahara-simulation-aided-hazard-analysis-riskassessmentbarreto/dda0cbcd701457e49ba617277b789906/
[4]. E.-Y. Kang and S. Hacks, “Safety & Security Analysis of a Manufacturing System using Formal Verification and Attack-Simulation,” in 2023 12th Mediterranean Conference on Embedded Computing (MECO). IEEE, 2023, pp. 1–8. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/10154960/
[5]. M. Khatun, M. Glass, and R. Jung, “An Approach of Scenario-Based Threat Analysis and Risk Assessment Over-the-Air updates for an Autonomous Vehicle,” 2021 7th International Conference on Automation, Robotics and Applications (ICARA), pp. 122–127, 2021. [Online]. Available: https://consensus.app/papers/approach-scenariobased-threat-analysis-risk-assessment-khatun/896cedf347ba5e91a4112b0e5d1f4f58/
[6]. T. Witte, R. Groner, A. Raschke, M. Tichy, I. Pekaric, and M. Felderer, “Towards model co-evolution across self-adaptation steps for combined safety and security analysis,” in Proceedings of the 17th Symposium on Software Engineering for Adaptive and Self-Managing Systems. Pittsburgh, Pennsylvania: ACM, May 2022, pp. 106–112. [Online]. Available: https://dl.acm.org/doi/10.1145/3524844.3528062
[7]. Macher, H. Sporer, R. Berlach, E. Armengaud, and C. Kreiner, “SAHARA: A security-aware hazard and risk analysis method,” in 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE), Mar. 2015, pp. 621–624, ISSN: 1558-1101. [Online]. Available: https://ieeexplore.ieee.org/document/7092463
[8]. A. Bolovinou, U.-I. Atmaca, A. T. Sheik, O. Ur-Rehman, G. Wallraf, and A. Amditis, “TARA+: Controllability-aware Threat Analysis and Risk Assessment for L3 Automated Driving Systems,” in 2019 IEEE Intelligent Vehicles Symposium (IV), Jun. 2019, pp. 8–13, ISSN: 2642-7214. [Online]. Available: https://ieeexplore.ieee.org/document/8813999
[9]. P. Bhosale, W. Kastner, and T. Sauter, “Automating Safety and Security Risk Assessment in Industrial Control Systems: Challenges and Constraints,” 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–4, 2022. [Online]. Available: https://consensus.app/papers/automating-safety-security-risk-assessment-industrial-bhosale/cad0a8ad055853b2890cbdc2cb503238/
[10]. A. Cormier and C. Ng, “Integrating cybersecurity in hazard and risk analyses,” Journal of Loss Prevention in the Process Industries, vol. 64, 2020. [Online]. Available: https://consensus.app/papers/integratingcybersecurityhazard-risk-analyses-cormier/a290a2965c6156c5ad39f49fd0494ce8/
[11]. A. Patel and P. Liggesmeyer, “Machine Learning Based Dynamic Risk Assessment for Autonomous Vehicles,” 2021 International Symposium on Computer Science and Intelligent Controls (ISCSIC), pp. 73–77, 2021. [Online]. Available: https://consensus.app/papers/machinelearningbaseddynamicriskassessmentpatel/96fe81813ae052d291b3bd646ebed182/
[12]. Y. Kawanishi, H. Nishihara, H. Yoshida, H. Yamamoto, and H. Inoue, “A Study on Threat Analysis and Risk Assessment Based on the “Asset Container” Method and CWSS,” IEEE Access, vol. 11, pp. 18148–18156, 2023. [Online]. Available: https://consensus.app/papers/studythreatanalysisriskassessmentbasedassetkawanishi/51cdf0a07a5f5aa4a567283269535517/
[13]. P. Mydlowski and S. Moskwa, “New approach to functional safety work products for advanced automotive projects,” 2022 26th International Conference on Methods and Models in Automation and Robotics (MMAR), pp. 342–345, 2022. [Online]. Available: https://consensus.app/papers/approach-safety-work-products-advanced-projects-mydlowski/0d7f4b9a795f52b9821062db5b294208/
[14]. G. Costantino, M. Vincenzi, and I. Matteucci, “In Depth Exploration of ISO/SAE 21434 and Its Correlations with Existing Standards,” IEEE Communications Standards Magazine, vol. 6, pp. 84–92, 2022. [Online]. Available: https://consensus.app/papers/indepthexplorationisosae21434correlationsexistingcostantino/cfe9a03e0aa750bab9546f3d112e49d0/
[15]. ISO, “26262: 2018: Road vehicles—Functional safety,” British Standards Institute, vol. 12, 2018.
[16]. ISO/SAE, “ISO/SAE 21434:2021 Road vehicles—Cybersecurity engineering,” ISO. [Online]. Available: https://www.iso.org/standard/70918.html
[17]. D. Püllen, N. Anagnostopoulos, T. Arul, and S. Katzenbeisser, “Safety Meets Security: Using IEC 62443 for a Highly Automated Road Vehicle,” pp. 325–340, 2020. [Online]. Available: https://consensus.app/papers/safety-meets-security-using-62443-highly-automated-road-p%C3%BCllen/9dfe73d13d675ad0a2c300ef1e0d782a/
[18]. J. Dobaj, D. Ekert, J. Stolfa, S. Stolfa, G. Macher, and R. Messnarz, “Cybersecurity Threat Analysis, Risk Assessment and Design Patterns for Automotive Networked Embedded Systems: A Case Study,” J. Univers. Comput. Sci., vol. 27, pp. 830–849, 2021. [Online]. Available: https://consensus.app/papers/cybersecurity-threat-analysisrisk-assessment-design-dobaj/d9594060fb4a5fc383115089f8983eb5/
[19]. M. Ebrahimi, C. Striessnig, J. C. Triginer, and C. Schmittner, “Identification and Verification of Attack Tree Threat Models Connected Vehicles,” ArXiv, vol. abs/2212.14435, 2022. [Online]. Available: https://consensus.app/papers/identificationverificationattacktreethreatmodelsebrahimi/5d258b61258c566eacaef753eb0d90a0/
[20]. T. K. Hema, “Integrated Automotive Software Quality Management System in compliance with Automotive SPICE, ISO 26262, ISO 21448 and ISO 21434 Standards,” International Journal of Scientific and Research Publications (IJSRP), 2022. [Online]. Available: https://consensus.app/papers/integrated-automotive-software-quality-management-hema/1c9c8af78fd55302a3c121724a1786f3/
[21]. Macher, E. Armengaud, C. Kreiner, E. Brenner, C. Schmittner, Z. Ma, H. Martin, and M. Krammer, “Integration of Security in the Development Lifecycle of Dependable Automotive CPS,” Research Anthology on Artificial Intelligence Applications in Security, 2021. [Online]. Available: https://consensus.app/papers/integration-security-development-lifecycle-dependable-macher/932a6d7ffd6255dfb0f7b42b9519614b/
[22]. A. Buczacki and P. Piatek, “Proposal for an Integrated Framework for Electronic Control Unit Design in the Automotive Industry,” Energies, 2021. [Online]. Available: https://consensus.app/papers/proposalintegratedframeworkeletroniccontrol-unit-buczacki/d3f99daf95665145adbea8b8c77577c5/
[23]. M. Quamara, G. Pedroza, and B. Hamid, “Facilitating Safety and Security Co-design and Formal Analysis in Multi-layered System Modeling,” 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp. 1–8, 2022. [Online]. Available: https://consensus.app/papers/facilitating-safety-security-codesignformal-analysis-quamara/8142352c42145d19854a5926f5469008/
[24]. M. Fockel, D. Schubert, R. Trentinaglia, H. Schulz, and W. Kirmair, “Semi-automatic Integrated Safety and Security Analysis for Automotive Systems,” pp. 147–154, 2022. [Online]. Available: https://consensus.app/papers/integrated-safety-security-analysis-automotive-systems-fockel/ef9b1ae4d0ef5fd187666ee12d981a34/
[25]. M. Saulaiman, M. Kozlovszky, Csilling, A. Bánáti, and A. Benhamida, “Overview of Attack Graph Generation For Automotive Systems,” 2022 IEEE 10th Jubilee International Conference on Computational Cybernetics and Cyber-Medical Systems (ICCC), pp. 000135–000142, 2022. [Online]. Available: https://consensus.app/papers/overview-attack-graph-generation-automotive-systems-saulaiman/20a33f04f676527490f9bac8103e0ee4/
[26]. Cimatti, S. Corfini, L. Cristoforetti, M. Natale, A. Griggio, S. Puri, and S. Tonetta, “A comprehensive framework for the analysis of automotive systems,” Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems, 2022. [Online]. Available: https://consensus.app/papers/framework-analysis-systems-cimatti/1693fa8841ef54b89a6ed9666165d6ce/
[27]. Koley, S. Dey, D. Mukhopadhyay, S. K. Singh, L. Lokesh, and S. V. Ghotgalkar, “CAD support for Security and Robustness Analysis of Safety-Critical Automotive Software,” ACM Transactions on Cyber-Physical Systems, 2022. [Online]. Available: https://consensus.app/papers/supportsecurityrobustnessanalysissafetycriticalkoley/1cdead2b56f75f5e9d15e4c0ce3d5fb4/
[28]. Gondhalekar, B. Ashreeth, G. R. Thellaputta, D. Venkataramireddy, M. Sumithra, and N. Karyemsetty, “A Safety Assessment Model for Automotive Embedded Systems Networks,” in 2022 IEEE 2nd Mysore Sub Section International Conference (MysuruCon), Oct. 2022, pp. 1–5. [Online]. Available: https://ieeexplore.ieee.org/document/9972628
[29]. T. Syamsundararao, B. Samatha, P. K. Pinjala, and N. Karyemsetty, “A Model for the Safety Risk Evaluation of Connected Car Network,” Review of Computer Engineering Research, 2022. [Online]. Available: https://consensus.app/papers/model-safety-risk-evaluation-connected-network-syamsundararao/c1e9ce59bac651df84ec5b660145bc5e/
[30]. T. Brandt and T. Tamisier, “The future connected car safely developed thanks to UNECE WP.29?” in 21. Internationales Stuttgarter Symposium, M. Bargende, H.-C. Reuss, and A. Wagner, Eds. Wiesbaden: Springer Fachmedien Wiesbaden, 2021, pp. 461–473.
[31]. Török and Z. Pethő, “Introducing safety and security co-engineering related research orientations in the field of automotive security,” Periodica Polytechnica Transportation Engineering, vol. 48, pp. 349–356, 2020. [Online]. Available: https://api.semanticscholar.org/CorpusID:225372819
[32]. M. Hamad and V. Prevelakis, “SAVTA: A hybrid vehicular threat model: Overview and case study,” Information: an International Interdisciplinary Journal, vol. 11, no. 5, 2020, number: 273. [Online]. Available: https://www.mdpi.com/2078-2489/11/5/273
[33]. M. Khosravi-Farmad and A. Ghaemi-Bafghi, “Bayesian Decision Network-Based Security Risk Management Framework,” Journal of Network and Systems Management, vol. 28, no. 4, pp. 1794–1819, Oct. 2020. [Online]. Available: https://doi.org/10.1007/s10922-020-09558-5
[34]. M. Roy, N. Deb, A. Cortesi, R. Chaki, and N. Chaki, “CARO: A Conflict-Aware Requirement Ordering Tool for DevOps,” in 2021 IEEE 29th International Requirements Engineering Conference (RE), Sep. 2021, pp. 442–443, ISSN: 2332-6441. [Online]. Available: https://ieeexplore.ieee.org/document/9604702
[35]. Severino, S. Curto, S. Barberi, F. Arena, and G. Pau, “Autonomous Vehicles: An Analysis Both on Their Distinctiveness and the Potential Impact on Urban Transport Systems,” Applied Sciences, vol. 11, 2021. [Online]. Available: https://consensus.app/papers/vehicles-analysis-both-their-distinctiveness-potential-severino/2966c1b1fde35bd9b5c5475cee5f02e8/
[36]. L. Claussmann, M. Revilloud, D. Gruyer, and S. Glaser, “A review of motion planning for highway autonomous driving,” IEEE Transactions on Intelligent Transportation Systems, vol. 21, no. 5, pp. 1826–1848, 2020.
[37]. Sini and M. Violante, “A simulation-based methodology for aiding advanced driver assistance systems hazard analysis and risk assessment,” Microelectronics Reliability, vol. 109, 2020. [Online]. Available: https://consensus.app/papers/simulationbased-methodology-aiding-advanced-assistance-sini/1d866f71fe505197b8ef431954394def/
[38]. X. Xia, W. Xi, H. Li, and Y. Wang, “Application and comparison of STPA and functional safety analysis in ACC system,” in Sixth International Conference on Electromechanical Control Technology and Transportation (ICECTT 2021), Q. Zeng, Ed., vol. 12081. SPIE / International Society for Optics and Photonics, 2022, p. 120813X. [Online]. Available: https://doi.org/10.1117/12.2623891
[39]. C. Kyrkou, A. Papachristodoulou, A. Kloukiniotis, A. Papandreou, A. Lalos, K. Moustakas, and T. Theocharides, “Towards Artificial-Intelligence-Based Cybersecurity for Robustifying Automated Driving Systems Against Camera Sensor Attacks,” in 2020 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), Jul. 2020, pp. 476–481, ISSN: 2159-3477. [Online]. Available: https://ieeexplore.ieee.org/document/9154906
[40]. P. Piatek, “Incident Management Process Model for Automotive CyberSafety Systems Using the Business Process Model and Notation,” in 2022 26th International Conference on Methods and Models in Automation and Robotics (MMAR), Aug. 2022, pp. 232–237. [Online]. Available: https://ieeexplore.ieee.org/document/9874288
[41]. V. K. Kukkala, S. V. Thiruloga, and S. Pasricha, “Roadmap for cybersecurity in autonomous vehicles,” IEEE Consumer Electronics Magazine, vol. 11, no. 6, pp. 13–23, 2022.
[42]. M. Skoglund, F. Warg, and B. Sangchoolie, “In search of synergies in a multi-concern development lifecycle: Safety and cybersecurity,” in Computer Safety, Reliability, and Security, B. Gallina, A. Skavhaug, E. Schoitsch, and F. Bitsch, Eds. Cham: Springer International Publishing, 2018, pp. 302–313.
[43]. T. Kosmowski, E. Piesik, J. Piesik, and M. Sliwiński, “Integrated functional safety and cybersecurity evaluation in a framework for business continuity management,” Energies, vol. 15, no. 10, 2022, number: 3610. [Online]. Available: https://www.mdpi.com/1996-1073/15/10/3610
[44]. G. Kavallieratos, S. Katsikas, and V. Gkioulos, “Cybersecurity and Safety Co-Engineering of Cyberphysical Systems—A Comprehensive Survey,” Future Internet, vol. 12, no. 4, p. 65, Apr. 2020, number: 4, Publisher: Multidisciplinary Digital Publishing Institute. [Online]. Available: https://www.mdpi.com/1999-5903/12/4/65
[45]. A. A. Ganin, P. Quach, M. Panwar, Z. A. Collier, J. M. Keisler, D. Marchese, and I. Linkov, “Multicriteria decision framework for cybersecurity risk assessment and management,” Risk Analysis, vol. 40, no. 1, pp. 183–199, 2020, eprint: https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12891. [Online]. Available: https://onlinelibrary.wiley.com/doi/abs/10.1111/risa.12891
[46]. D. Ashenden, “The future human and behavioural challenges of cybersecurity,” in The Oxford Handbook of Cyber Security. Oxford University Press, Nov. 2021, eprint: https://academic.oup.com/book/0/chapter/352568229/chapter-ag-pdf/55148369/book\41360\section\352568229.ag.pdf. [Online]. Available: https://doi.org/10.1093/oxfordhb/9780198800682.013.48
[47]. S. Zeadally, E. Adi, Z. Baig, and I. A. Khan, “Harnessing artificial intelligence capabilities to improve cybersecurity,” IEEE Access: Practical Innovations, Open Solutions, vol. 8, pp. 23817–23837, 2020.
[48]. Z. Belkhamza, “Cybersecurity in Digital Transformation applications: Analysis of Past Research and Future Directions,” International Conference on Cyber Warfare and Security, vol. 18, no. 1, pp. 19–24, Feb. 2023, number: 1. [Online]. Available: https://papers.academic-conferences.org/index.php/iccws/article/view/1005