Cybersecurity Integration in Safety Cases: SAE J3061 Revision Highlights
SAE International has published a revision to J3061, the cybersecurity guidebook for cyber-physical vehicle systems. The revision significantly strengthens the relationship between security assurance and functional safety arguments, and it addresses the interface between threat analysis and risk assessment (TARA) and hazard analysis.
SAE J3061 Rev B: Security-Safety Integration Gets Serious
The original J3061 was a good starting point for automotive cybersecurity, but the interface between security analysis and functional safety was always underspecified. The revision fixes that.
TARA-to-HARA interface: The revision defines a formal process for propagating TARA (Threat Analysis and Risk Assessment) findings into the HARA (Hazard Analysis and Risk Assessment). Security threats that can lead to safety hazards must now be explicitly mapped, with documented residual risk treatment.
Cybersecurity safety requirements: A new concept — "cybersecurity safety requirements" — is introduced for requirements that exist at the intersection of security and safety. These have dual ownership and dual verification obligations.
ASIL assignment for security weaknesses: Guidance on when a cybersecurity weakness should trigger an ASIL (Automotive Safety Integrity Level) decomposition review is now explicit, closing a gap that has caused disagreement between safety engineers and security engineers on many programs.
Implementation timeline: New programs starting after January 2027 will be expected to comply with J3061 Rev B as a baseline.