Integrating Automotive SPICE, Functional Safety, and Cybersecurity Concepts: A Cybersecurity Layer Model

Richard Messnarz, Christian Josef Kreiner, Andreas Riel

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Driven by the rapidly increasing share of embedded automotive systems implementing functions for powertrain control, comfort, and driver assistance, the automotive industry has driven the establishment and deployment of standards for ensuring the quality of both the related products and the development processes. While Automotive SPICE (ASPICE) has been transforming the development processes of automotive embedded systems since 2003, the ISO 26262 standard has been applied to cover the integration of functional safety into these systems since 2011. This has become necessary, since an increasing number of automotive embedded systems are safety critical; that is, their malfunctioning might lead to hazards in particular situations. The next particular challenge automotive original equipment manufacturers (OEMs) and their suppliers are facing is cybersecurity, that is, the protection of vehicles and their highly networked electronics subsystems from IT security threats. This article gives a contribution to the OEMs’ and suppliers’ increasing efforts to achieve the integration of ASPICE, functional safety, and cybersecurity in their development processes. Building on their works aiming at the integration of ASPICE and functional safety published previously in SQP, the authors suggest methods to integrate cybersecurity considerations as well.
Original languageEnglish
Pages (from-to)13-23
Number of pages10
JournalSoftware quality professional
Volume18
Issue number4
Publication statusPublished - Sep 2016

Fingerprint

SPICE
Embedded systems
Powertrains
Automotive industry
Hazards
Electronic equipment

Keywords

  • automotive embedded systems
  • Automotive SPICE
  • cybersecurity
  • functional safety

Fields of Expertise

  • Information, Communication & Computing
  • Mobility & Production

Cite this

Integrating Automotive SPICE, Functional Safety, and Cybersecurity Concepts: A Cybersecurity Layer Model. / Messnarz, Richard; Kreiner, Christian Josef; Riel, Andreas.

In: Software quality professional, Vol. 18, No. 4, 09.2016, p. 13-23.

Research output: Contribution to journalArticleResearchpeer-review

Messnarz, Richard ; Kreiner, Christian Josef ; Riel, Andreas. / Integrating Automotive SPICE, Functional Safety, and Cybersecurity Concepts: A Cybersecurity Layer Model. In: Software quality professional. 2016 ; Vol. 18, No. 4. pp. 13-23.
@article{c39e9101d93e4b06ac4906868833aa8c,
title = "Integrating Automotive SPICE, Functional Safety, and Cybersecurity Concepts: A Cybersecurity Layer Model",
abstract = "Driven by the rapidly increasing share of embedded automotive systems implementing functions for powertrain control, comfort, and driver assistance, the automotive industry has driven the establishment and deployment of standards for ensuring the quality of both the related products and the development processes. While Automotive SPICE (ASPICE) has been transforming the development processes of automotive embedded systems since 2003, the ISO 26262 standard has been applied to cover the integration of functional safety into these systems since 2011. This has become necessary, since an increasing number of automotive embedded systems are safety critical; that is, their malfunctioning might lead to hazards in particular situations. The next particular challenge automotive original equipment manufacturers (OEMs) and their suppliers are facing is cybersecurity, that is, the protection of vehicles and their highly networked electronics subsystems from IT security threats. This article gives a contribution to the OEMs’ and suppliers’ increasing efforts to achieve the integration of ASPICE, functional safety, and cybersecurity in their development processes. Building on their works aiming at the integration of ASPICE and functional safety published previously in SQP, the authors suggest methods to integrate cybersecurity considerations as well.",
keywords = "automotive embedded systems, Automotive SPICE, cybersecurity, functional safety",
author = "Richard Messnarz and Kreiner, {Christian Josef} and Andreas Riel",
year = "2016",
month = "9",
language = "English",
volume = "18",
pages = "13--23",
journal = "Software quality professional",
issn = "1522-0540",
number = "4",

}

TY - JOUR

T1 - Integrating Automotive SPICE, Functional Safety, and Cybersecurity Concepts: A Cybersecurity Layer Model

AU - Messnarz, Richard

AU - Kreiner, Christian Josef

AU - Riel, Andreas

PY - 2016/9

Y1 - 2016/9

N2 - Driven by the rapidly increasing share of embedded automotive systems implementing functions for powertrain control, comfort, and driver assistance, the automotive industry has driven the establishment and deployment of standards for ensuring the quality of both the related products and the development processes. While Automotive SPICE (ASPICE) has been transforming the development processes of automotive embedded systems since 2003, the ISO 26262 standard has been applied to cover the integration of functional safety into these systems since 2011. This has become necessary, since an increasing number of automotive embedded systems are safety critical; that is, their malfunctioning might lead to hazards in particular situations. The next particular challenge automotive original equipment manufacturers (OEMs) and their suppliers are facing is cybersecurity, that is, the protection of vehicles and their highly networked electronics subsystems from IT security threats. This article gives a contribution to the OEMs’ and suppliers’ increasing efforts to achieve the integration of ASPICE, functional safety, and cybersecurity in their development processes. Building on their works aiming at the integration of ASPICE and functional safety published previously in SQP, the authors suggest methods to integrate cybersecurity considerations as well.

AB - Driven by the rapidly increasing share of embedded automotive systems implementing functions for powertrain control, comfort, and driver assistance, the automotive industry has driven the establishment and deployment of standards for ensuring the quality of both the related products and the development processes. While Automotive SPICE (ASPICE) has been transforming the development processes of automotive embedded systems since 2003, the ISO 26262 standard has been applied to cover the integration of functional safety into these systems since 2011. This has become necessary, since an increasing number of automotive embedded systems are safety critical; that is, their malfunctioning might lead to hazards in particular situations. The next particular challenge automotive original equipment manufacturers (OEMs) and their suppliers are facing is cybersecurity, that is, the protection of vehicles and their highly networked electronics subsystems from IT security threats. This article gives a contribution to the OEMs’ and suppliers’ increasing efforts to achieve the integration of ASPICE, functional safety, and cybersecurity in their development processes. Building on their works aiming at the integration of ASPICE and functional safety published previously in SQP, the authors suggest methods to integrate cybersecurity considerations as well.

KW - automotive embedded systems

KW - Automotive SPICE

KW - cybersecurity

KW - functional safety

M3 - Article

VL - 18

SP - 13

EP - 23

JO - Software quality professional

JF - Software quality professional

SN - 1522-0540

IS - 4

ER -