A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context

Georg Macher, Eric Armengaud, Eugen Brenner, Christian Josef Kreiner

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Consumer demands for advanced automotive assistant systems and connectivity of cars to the internet make cyber-security an important requirement for vehicle providers. As vehicle providers gear up for the cyber security challenges, they can leverage experiences from many other domains, but nevertheless, must face several unique challenges. Thus, several security standards are well established and do not need to be created from scratch. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems.

In the course of this document, a review of available threat analysis methods and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. The aim of this work is to provide a position statement for the discussion of available analysis methods and their applicability for early development phases in context of ISO 26262 and SAE J3061.
Keywords
TARAISO 26262SAE J3061AutomotiveSecurity analysis
Original languageEnglish
Title of host publicationInternational Conference on Computer Safety, Reliability, and Security
Subtitle of host publicationSAFECOMP 2016
PublisherSpringer International Publishing AG
Pages130
Number of pages141
DOIs
Publication statusPublished - 2016

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume9922 2016

Keywords

  • TARA
  • ISO 26262
  • SAE J3061
  • Automotive
  • Security analysis

Fields of Expertise

  • Information, Communication & Computing
  • Mobility & Production

Fingerprint Dive into the research topics of 'A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context'. Together they form a unique fingerprint.

  • Projects

    Industrial Informatics

    Höller, A., Preschern, C., Kreiner, C. J., Raschke, W., Sporer, H., Iber, J., Kajtazovic, N., Krisper, M., Sinnhofer, A. D., Macher, G., Rauter, T., Quaritsch, M., Dobaj, J. & Krug, T.

    1/09/12 → …

    Project: Research area

    VIF-MEMCONS - MOdel-based EMbedded CONtrol Software

    Kreiner, C. J. & Macher, G.

    1/01/1331/12/15

    Project: Research project

    Activities

    • 1 Talk at conference or symposium

    SafeComp'16 - International Conference on Computer Safety, Reliability and Security

    Christian Josef Kreiner (Speaker)
    2016

    Activity: Talk or presentationTalk at conference or symposiumScience to science

    Cite this

    Macher, G., Armengaud, E., Brenner, E., & Kreiner, C. J. (2016). A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context. In International Conference on Computer Safety, Reliability, and Security: SAFECOMP 2016 (pp. 130). (Lecture Notes in Computer Science; Vol. 9922 2016). Springer International Publishing AG . https://doi.org/10.1007/978-3-319-45477-1_11