Threat and Risk Assessment Methodologies in the Automotive Domain

Georg Macher, Eric Armengaud, Eugen Brenner, Christian Josef Kreiner

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Safety and security are both qualities that concern the overall system. However, these disciplines are traditionally treated independently in the automotive domain. Replacement of classical mechanical systems with safety-critical embedded systems raised the awareness of the safety attribute and caused the introduction of the ISO26262 standard. In contrast to this, security topics are traditionally seen as attacks of a mechanical nature and as only affecting single vehicles (e.g. door lock and immobilizer related). Due to the increasing interlacing of automotive systems with networks (such as Car2X), new features like autonomous driving, and online software updates, it is no longer acceptable to assume that car fleets are immune to security risks and automated remote attacks. Consequently, future automotive systems development requires appropriate systematic approaches to support cyber security and safety aware development.

Therefore, this paper examines threat and risk assessment techniques that are available for the automotive domain and presents an approach to classify cyber-security threats, which can be used to determine the appropriate number of countermeasures that need to be considered. Furthermore, we present a combined approach for safety and security analysis to be applied in early development phases, which is a pre-requisite for consistent engineering throughout the development lifecycle.
LanguageEnglish
Title of host publicationThe 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016)
PublisherElsevier B.V.
Pages1-7
Number of pages7
StatusPublished - 26 May 2016

Publication series

Name Procedia Computer Science
PublisherElsevier BV
Volume83

Keywords

    Fields of Expertise

    • Mobility & Production
    • Information, Communication & Computing

    Cite this

    Macher, G., Armengaud, E., Brenner, E., & Kreiner, C. J. (2016). Threat and Risk Assessment Methodologies in the Automotive Domain. In The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016) (pp. 1-7). ( Procedia Computer Science; Vol. 83). Elsevier B.V..

    Threat and Risk Assessment Methodologies in the Automotive Domain. / Macher, Georg; Armengaud, Eric; Brenner, Eugen; Kreiner, Christian Josef.

    The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016) . Elsevier B.V., 2016. p. 1-7 ( Procedia Computer Science; Vol. 83).

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Macher, G, Armengaud, E, Brenner, E & Kreiner, CJ 2016, Threat and Risk Assessment Methodologies in the Automotive Domain. in The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016) . Procedia Computer Science, vol. 83, Elsevier B.V., pp. 1-7.
    Macher G, Armengaud E, Brenner E, Kreiner CJ. Threat and Risk Assessment Methodologies in the Automotive Domain. In The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016) . Elsevier B.V.2016. p. 1-7. ( Procedia Computer Science).
    Macher, Georg ; Armengaud, Eric ; Brenner, Eugen ; Kreiner, Christian Josef. / Threat and Risk Assessment Methodologies in the Automotive Domain. The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016) . Elsevier B.V., 2016. pp. 1-7 ( Procedia Computer Science).
    @inproceedings{ff8c38d11e3243e48991fe6b586765e7,
    title = "Threat and Risk Assessment Methodologies in the Automotive Domain",
    abstract = "Safety and security are both qualities that concern the overall system. However, these disciplines are traditionally treated independently in the automotive domain. Replacement of classical mechanical systems with safety-critical embedded systems raised the awareness of the safety attribute and caused the introduction of the ISO26262 standard. In contrast to this, security topics are traditionally seen as attacks of a mechanical nature and as only affecting single vehicles (e.g. door lock and immobilizer related). Due to the increasing interlacing of automotive systems with networks (such as Car2X), new features like autonomous driving, and online software updates, it is no longer acceptable to assume that car fleets are immune to security risks and automated remote attacks. Consequently, future automotive systems development requires appropriate systematic approaches to support cyber security and safety aware development.Therefore, this paper examines threat and risk assessment techniques that are available for the automotive domain and presents an approach to classify cyber-security threats, which can be used to determine the appropriate number of countermeasures that need to be considered. Furthermore, we present a combined approach for safety and security analysis to be applied in early development phases, which is a pre-requisite for consistent engineering throughout the development lifecycle.",
    keywords = "ISO26262, HARA, STRIDE, automotive, safety, Security",
    author = "Georg Macher and Eric Armengaud and Eugen Brenner and Kreiner, {Christian Josef}",
    year = "2016",
    month = "5",
    day = "26",
    language = "English",
    series = "Procedia Computer Science",
    publisher = "Elsevier B.V.",
    pages = "1--7",
    booktitle = "The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016)",
    address = "Netherlands",

    }

    TY - GEN

    T1 - Threat and Risk Assessment Methodologies in the Automotive Domain

    AU - Macher,Georg

    AU - Armengaud,Eric

    AU - Brenner,Eugen

    AU - Kreiner,Christian Josef

    PY - 2016/5/26

    Y1 - 2016/5/26

    N2 - Safety and security are both qualities that concern the overall system. However, these disciplines are traditionally treated independently in the automotive domain. Replacement of classical mechanical systems with safety-critical embedded systems raised the awareness of the safety attribute and caused the introduction of the ISO26262 standard. In contrast to this, security topics are traditionally seen as attacks of a mechanical nature and as only affecting single vehicles (e.g. door lock and immobilizer related). Due to the increasing interlacing of automotive systems with networks (such as Car2X), new features like autonomous driving, and online software updates, it is no longer acceptable to assume that car fleets are immune to security risks and automated remote attacks. Consequently, future automotive systems development requires appropriate systematic approaches to support cyber security and safety aware development.Therefore, this paper examines threat and risk assessment techniques that are available for the automotive domain and presents an approach to classify cyber-security threats, which can be used to determine the appropriate number of countermeasures that need to be considered. Furthermore, we present a combined approach for safety and security analysis to be applied in early development phases, which is a pre-requisite for consistent engineering throughout the development lifecycle.

    AB - Safety and security are both qualities that concern the overall system. However, these disciplines are traditionally treated independently in the automotive domain. Replacement of classical mechanical systems with safety-critical embedded systems raised the awareness of the safety attribute and caused the introduction of the ISO26262 standard. In contrast to this, security topics are traditionally seen as attacks of a mechanical nature and as only affecting single vehicles (e.g. door lock and immobilizer related). Due to the increasing interlacing of automotive systems with networks (such as Car2X), new features like autonomous driving, and online software updates, it is no longer acceptable to assume that car fleets are immune to security risks and automated remote attacks. Consequently, future automotive systems development requires appropriate systematic approaches to support cyber security and safety aware development.Therefore, this paper examines threat and risk assessment techniques that are available for the automotive domain and presents an approach to classify cyber-security threats, which can be used to determine the appropriate number of countermeasures that need to be considered. Furthermore, we present a combined approach for safety and security analysis to be applied in early development phases, which is a pre-requisite for consistent engineering throughout the development lifecycle.

    KW - ISO26262

    KW - HARA

    KW - STRIDE

    KW - automotive

    KW - safety

    KW - Security

    M3 - Conference contribution

    T3 - Procedia Computer Science

    SP - 1

    EP - 7

    BT - The 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016)

    PB - Elsevier B.V.

    ER -