Exciting new features such as advanced driver assistance systems, fleet management systems, and autonomous driving drive the need for built-in security solutions and architectural designs to mitigate emerging security threats. Thus, cybersecurity joins reliability and safety as a cornerstone for success in the automotive industry. As vehicle providers gear up for cybersecurity challenges, they can capitalize on experiences from many other domains, but must nevertheless face several unique challenges. Therefore, this article focuses on enhancing the state-of-the-art development lifecycle for automotive cyber-physical systems toward the integration of security, safety and reliability engineering methods. In particular, four engineering approaches (HARA at concept level, FMEA and FTA at design level, and HSI at implementation level) are extended to integrate security considerations into the development lifecycle.
The advent of initiatives like Industry 4.0 promises increased operational efficiency through smart services and interconnected devices. To enable smart maintenance services for today's and future industrial equipment, regular status information must be transmitted from device customers to maintenance service providers over the Internet. However, simply attaching an industrial device to the Internet often leads to a security and privacy nightmare. Transparency about when and what data is being transmitted is of crucial interest to a customer. During transport, data must be protected against modification and disclosure. A maintainer requires trust in the data's origin and integrity. In this paper, we propose ESTADO, a system that enables smart services by providing the necessary connectivity from industrial equipment to service providers for device state tracking. Our system design focuses on the migration of current devices and the security aspect. Using a non-permanent NFC-based connection, connectivity is only established ad hoc on customer demand, and any data transmission is fully transparent to a customer. We study our design through a prototype implementation using an Infineon security controller and evaluate the security, usability and deployment aspects of our solution.