Built-in security enhancements for the 1oo2 safety architecture

This paper proposes a high level hardware architecture for safe cyber-physical systems taking into account security concerns. The in the safety domain well known one-out-of-two (1oo2) architecture is extended to allow the implementation of security measures which are designed in a way to be independent from the safety functionality of the system so that the security parts do not have to undergo the rigorous task of functional safety certification. The proposed security measures include software assurance to allow flexible and dynamic systems in the safety domain. Diverse compilation and cross-integrity checks of the system aim at random faults and make the system more difficult to attack. For safe and secure communication with other systems a communication concept utilizing the black channel principle is presented. The focus of this paper lies on the synergies that can be achieve when combining safety and security for the 1oo2 redundant hardware architecture.