Improving Automotive Software Cybersecurity

By Alexander Heyers

For developers of automotive systems, the move towards more rigorous process standards raises concerns around increased development time and cost. In addition, with the dramatic increase in the amount of code in today’s automobiles and the cybersecurity concerns associated with connectivity, the risk of injury or death caused by software errors has raised the stakes for developers. Even without a catastrophic event, no developer wants to be identified as the cause of an expensive vehicle recall due to a software error.

Achieving ISO21434/ISO26262 Compliance with Siemens Polarion for Automotive and the LDRA Productivity Package for Automotive

While ISO 26262 (the standard that governs the functional safety of electrical and/or electronic (E/E) systems within road vehicles) remains pertinent today, it was introduced before the emergence of the connected car, and it does not specifically address the risks associated with connectivity. ISO 21434 (the standard that provides a process-related framework for secure software development) is therefore complementary to ISO 26262, and common language is used in the two standards recognition of that.

Automotive software development using Siemens Polarion together with the LDRA Productivity Package
Figure 1 – Automotive software development using Siemens Polarion together with the LDRA Productivity Package

Siemens Polarion for Automotive provides ready-to-use solutions for ISO 26262 and ISO 21434. The solution for ISO 26262 allows for management of the functional safety artifacts including Hazards, Safety Goals, and Functional Safety Concepts. It provides a framework to complete Hazard Analysis and Risk Assessments (HARA) and Failure Modes and Effect Analyses (FMEA) directly in Polarion.

Using the solution for ISO 21434, software engineers can document their cyber security readiness together with the managed assets in one place. In addition to providing a Cybersecurity Management System framework, the solution allows the completion of the Threat and Risk Assessments (TARA).  Siemens Polarion for Automotive provides a predefined workflow with a permission model and baselining options that can be re-used across projects to save time and improve quality.

Figure 2 – Polarion for Automotive orchestrates the Functional Safety and Cybersecurity workflows

By using the LDRA Productivity Package for Automotive together with the Siemens Polarion Integration and Siemens Polarion for Automotive, the cost and time to achieve ISO 26262 and ISO 21434 compliance for software items is greatly reduced, while quality and predictability are improved. 

The LDRA Productivity Package for Automotive helps developers of security- and safety-critical automotive systems meet these software quality and test requirements:

In addition, the LDRA productivity package supports the AUTOSAR Classic and AUTOSAR Adaptive platforms, including support for MISRA and AUTOSAR standards for static analysis, and integration with AUTOSAR OS and POSIX compliant RTOSs for dynamic analysis, including unit test.

The integrated Siemens Polarion for Automotive and LDRA solution supports Model-based Design. The combined solution provides integrations with some of the market-leading model-based development environments, including MathWorks Simulink and IBM Rhapsody.

About Siemens Polarion for Automotive

To find out more about Siemens Polarion for Automotive and our cloud-based deployment, visit the Polarion for Automotive website here and our Siemens Polarion website here.

About LDRA

LDRA is an established leader in the verification, validation, and assurance of critical embedded software. We have been consistently setting industry benchmarks through our pioneering solutions for over 45 years. LDRA continues to develop and drive the market for software tools that automate code analysis and software testing for safety-, mission-, security-, and business-critical markets, often in compliance with functional safety, process, or cybersecurity standards. In tandem with our customer-focused certification services and consultancy offerings, LDRA tools achieve early error identification and elimination, tracing requirements through static and dynamic analysis to unit testing and verification for a wide variety of hardware and software platforms.

To find out more about LDRA Solutions for Automotive, visit the LDRA website here.

Leave a Reply

This article first appeared on the Siemens Digital Industries Software blog at