The automotive industry faces increasing challenges in ensuring both functional safety (FuSa) and cybersecurity for complex semiconductor devices. Traditional Failure Mode and Effects Analysis (FMEA) primarily addresses safety-related failure modes and often overlooks synergistic vulnerabilities and consequences shared with cybersecurity threats. This paper introduces an Integrated Failure and Threat Mode and Effect Analysis (FTMEA) framework that systematically co-analyzes FuSa and cybersecurity. A cornerstone of this framework is the introduction of rigorously defined Cross-Domain Correlation Factors (CDCFs), which quantify the interdependencies and mutual influences between safety-related failures and cybersecurity threats. These factors are derived from a combination of structured expert knowledge and static structural analysis metrics (e.g., controllability/observability), and are validated against empirical data from fault/attack injection campaigns. We propose a modified Risk Priority Number (RPN) calculation that systematically integrates these correlation factors, enabling a more accurate and transparent prioritization of risks that span both domains. A detailed case study involving an automotive ASIC configuration register demonstrates the practical application of the FTMEA. We present explicit mapping tables, quantitative CDCF values, and a comparative analysis against a baseline FMEA/TARA (Threat Analysis and Risk Assessment), illustrating how the integrated approach uncovers previously masked cross-domain risks, improves the effectiveness of mitigation strategies, and provides a clear quantitative justification for the derived correlation values. This framework offers a unified, traceable methodology for risk assessment in critical automotive systems, thereby overcoming the limitations of conventional analyses and promoting optimized, cross-disciplinary development.
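The following is an added illustration, not code or a formula from the paper, of the masking effect the abstract describes: a safety failure mode and a cybersecurity threat that each rank low under a conventional FMEA/TARA RPN can jointly represent the highest cross-domain risk once their correlation is accounted for. The baseline RPN = Severity x Occurrence x Detection is the standard FMEA formula; the cross-domain adjustment (base RPN plus each correlated peer's RPN weighted by its CDCF) is a hypothetical placeholder, since the paper's actual modified RPN is not reproduced here. The entries, S/O/D ratings, and CDCF values are constructed around an ASIC configuration register purely for the example.

```python
"""Added example: baseline FMEA/TARA ranking vs. a hypothetical CDCF-weighted ranking.

The cross-domain adjustment in integrated_rpn() is an assumption for illustration
and is NOT the paper's modified RPN formula.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass(frozen=True)
class Entry:
    id: str
    domain: str        # "FuSa" (failure mode) or "Cyber" (threat)
    description: str
    severity: int      # 1..10 rating scales, as in FMEA / TARA
    occurrence: int    # 1..10
    detection: int     # 1..10, higher = harder to detect


def base_rpn(e: Entry) -> int:
    """Conventional FMEA Risk Priority Number: S * O * D."""
    return e.severity * e.occurrence * e.detection


# Constructed sample entries (not from the paper's case study tables).
ENTRIES: List[Entry] = [
    Entry("F1", "FuSa", "SEU bit flip in ASIC configuration register", 7, 3, 4),
    Entry("F2", "FuSa", "Clock supply failure", 9, 5, 3),
    Entry("T1", "Cyber", "Unauthorized write to configuration register via debug port", 7, 3, 5),
    Entry("T2", "Cyber", "Firmware image tampering", 9, 4, 4),
]

# Constructed CDCF values in [0, 1], keyed by (failure id, threat id).
# F1/T1 share the same register and the same effect, hence a high correlation.
CDCF: Dict[Tuple[str, str], float] = {
    ("F1", "T1"): 0.9,
    ("F2", "T2"): 0.1,
}


def integrated_rpn(e: Entry, entries: List[Entry],
                   cdcf: Dict[Tuple[str, str], float]) -> float:
    """Hypothetical cross-domain score: base RPN plus CDCF-weighted peer RPNs."""
    by_id = {x.id: x for x in entries}
    total = float(base_rpn(e))
    for (f_id, t_id), weight in cdcf.items():
        if e.id == f_id:
            total += weight * base_rpn(by_id[t_id])
        elif e.id == t_id:
            total += weight * base_rpn(by_id[f_id])
    return total


def _ranking(entries: List[Entry], score: Callable[[Entry], float]) -> List[str]:
    return [e.id for e in sorted(entries, key=score, reverse=True)]


def baseline_ranking(entries: List[Entry]) -> List[str]:
    """Ids ordered by conventional RPN, highest first."""
    return _ranking(entries, base_rpn)


def integrated_ranking(entries: List[Entry],
                       cdcf: Dict[Tuple[str, str], float]) -> List[str]:
    """Ids ordered by the hypothetical CDCF-weighted score, highest first."""
    return _ranking(entries, lambda e: integrated_rpn(e, entries, cdcf))


def masked_pairs(entries: List[Entry], cdcf: Dict[Tuple[str, str], float],
                 top_n: int, threshold: float) -> List[Tuple[str, str]]:
    """Strongly correlated pairs where neither member reaches the baseline top-N.

    These are the cross-domain risks a separate FMEA and TARA would deprioritize.
    """
    top = set(baseline_ranking(entries)[:top_n])
    return sorted(pair for pair, w in cdcf.items()
                  if w >= threshold and not (set(pair) & top))


if __name__ == "__main__":
    print("baseline  :", baseline_ranking(ENTRIES))
    print("integrated:", integrated_ranking(ENTRIES, CDCF))
    print("masked    :", masked_pairs(ENTRIES, CDCF, top_n=2, threshold=0.5))
```

With these constructed ratings the baseline places the register failure F1 and the register-write threat T1 at the bottom of the list, while the correlation-aware score moves the pair to the top; masked_pairs() is the check a reviewer would run to find exactly those pairs before a mitigation budget is allocated on baseline RPN alone.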