🤖 AI Summary
The lack of theoretical modeling for the coupling between functional safety and cybersecurity in connected and automated vehicles (CAVs) hinders rigorous risk assessment and standard integration.
Method: This study proposes the first Copula-theoretic safety-security joint modeling framework, integrating survival analysis, Weibull hardware failure modeling, and elliptical/Archimedean Copula families to formally characterize the dynamic dependence structure between functional failures and cyberattacks.
Contribution/Results: The framework reveals monotonic relationships between joint failure rates and dependence parameters, quantifies the mitigating effect of patch deployment timing, and captures time-varying coupling strength. Simulation results demonstrate high sensitivity of joint failure probability to dependence intensity, patch timing, and Weibull shape/scale parameters, clarifying bidirectional interaction mechanisms. The work establishes a computationally tractable, quantifiable theoretical foundation and methodology for synergistic verification across ISO 26262 (functional safety) and ISO/SAE 21434 (cybersecurity), enabling unified safety-cybersecurity assurance in CAVs.
📝 Abstract
Safety and security are critical to the reliable operation of connected and automated vehicles (CAVs). While existing research has identified correlations between the two domains, a theoretical framework to analyze their interaction mechanisms and guide co-design remains lacking. To address this gap, this paper proposes a copula-based joint safety-security analysis method to quantify their coupling effects. First, we formulate time-varying cyberattacks using dynamic risk functions derived from survival analysis, while modeling random hardware failures with the Weibull distribution, as per the automotive industry standard ISO 26262. Second, to capture the dependence between functional safety failures and cyber threats, we introduce a joint failure model based on copula theory, employing both elliptical (e.g., Gaussian) and Archimedean (e.g., Frank) copula families to construct a system-level failure function. Furthermore, we provide a formal theoretical analysis of the dependence structure in the safety-security coupling, yielding three key insights: (1) a monotonic relationship between joint failure probability and dependence parameters, (2) the role of defensive response mechanisms (such as patch deployment) in mitigating joint failures, and (3) a quantification of the dynamic coupling strength between safety and security under dependence structures. Through comprehensive simulations, we evaluate the sensitivity of the joint failure behavior to three critical factors: copula dependence parameters, security patch deployment timing, and Weibull distribution parameters. Our dynamic failure model further illustrates how cyberattacks affect safety failures and, conversely, how functional faults affect security failures under dependence structures. This study provides a quantifiable theoretical foundation for the co-design of safety and security in CAVs.
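The construction the abstract describes, as an added example that is not the paper's code: a Weibull marginal for hardware failure and a survival-analysis marginal for attack success are joined with a Frank copula, then swept over the dependence parameter and the patch time. The piecewise-constant attack hazard, the definition of joint failure as both events occurring by time t, and every parameter value are assumptions made for illustration.

```python
import math

def weibull_cdf(t, shape, scale):
    """P(random hardware failure by time t) under a Weibull lifetime."""
    return 1.0 - math.exp(-((t / scale) ** shape))

def attack_cdf(t, rate_pre, rate_post, t_patch):
    """P(successful attack by time t) from a piecewise-constant hazard
    (assumed form): rate_pre before the patch, rate_post after it."""
    cum_hazard = rate_pre * min(t, t_patch) + rate_post * max(0.0, t - t_patch)
    return 1.0 - math.exp(-cum_hazard)

def frank_copula(u, v, theta):
    """Frank copula C(u, v); theta -> 0 is independence, theta > 0 positive dependence."""
    if abs(theta) < 1e-9:
        return u * v
    num = math.expm1(-theta * u) * math.expm1(-theta * v)
    return -math.log1p(num / math.expm1(-theta)) / theta

# Constructed parameters (time in hours), not taken from the paper.
PARAMS = dict(shape=1.5, scale=8000.0, rate_pre=2e-4, rate_post=2e-5)

def joint_failure(t, theta, t_patch, p=PARAMS):
    """P(hardware failure AND successful attack have both occurred by t)."""
    u = weibull_cdf(t, p["shape"], p["scale"])
    v = attack_cdf(t, p["rate_pre"], p["rate_post"], t_patch)
    return frank_copula(u, v, theta)

def sweep(t, thetas, patch_times):
    """Joint failure probability at time t for each (theta, patch time) pair."""
    return {(th, tp): joint_failure(t, th, tp) for th in thetas for tp in patch_times}

if __name__ == "__main__":
    grid = sweep(4000.0, (-5.0, 0.0, 5.0), (500.0, 1000.0, 3000.0))
    for (th, tp), prob in sorted(grid.items()):
        print(f"theta={th:+.1f}  patch@{tp:6.0f}h  P_joint={prob:.4f}")
```

At a fixed time the joint probability rises with theta and falls as the patch is deployed earlier, which is the qualitative behavior stated in insights (1) and (2).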