Threat Modeling for Automotive Security Analysis

Ma, Zhenliang; Schmittner, Christoph

doi:10.14257/astl.2016.139.68

Cited by 27 publications

(10 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An IEC 62443 compliant risk analysis was presented by M.Fockel et al [24] for the development of industrial control systems. This methodology was also used by Zhendong Ma and Christoph Schmittner for the threat modelling of connected and intelligent vehicles [25] and by A. Vasenev et al [3] for a automotive case considering specific OTA threats. Nevertheless, it has to be pointed out that the STRIDE methodology addresses the system elements (assets) and threats identification, it does not cover the impact and likelihood estimations, nor the risk computation.…”

Section: Related Workmentioning

confidence: 99%

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Mugarza

Yarza

Agirre

et al. 2021

2021 5th International Conference on System Reliability and Safety (ICSRS)

View full text Add to dashboard Cite

The raising connectivity of critical embedded systems makes them vulnerable to cyber-security attacks that compromise not only privacy but also safety. This results in intricate dependencies between functional safety and security, and higher demands to address both disciplines simultaneously. However, there are still many gaps on the common application of functional safety and cyber-security standards. Over-The-Air (OTA) software updates are a clear example of this challenge. While the installation of regular software upgrades is a crucial cyber-security practice to keep the system up-to-date with the latest security patches, they might involve high re-certification efforts and costs from a safety standpoint. In this paper, a safety and security concept for software updates on mixed-criticality systems is presented. Particularly, a combined safety and security risk assessment on an automotive use case is performed and risk mitigation measures proposed.

show abstract

Section: Related Workmentioning

confidence: 99%

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Mugarza

Yarza

Agirre

et al. 2021

2021 5th International Conference on System Reliability and Safety (ICSRS)

View full text Add to dashboard Cite

show abstract

“…For security ISO/SAE 21434 [6] is still in development and SAE J3061 was pushed back to work in progress. We use threat modeling as a well established security analysis method for the automotive domain [28], [29], [30]. In order to support a consistent engineering workflow we utilize a threat modeling add-in for Enterprise Architect (EA) [31] 12 .…”

Section: Application Of the Approachmentioning

confidence: 99%

Combined automotive safety and security pattern engineering approach

Martin

Ma²,

Schmittner

et al. 2020

Reliability Engineering & System Safety

View full text Add to dashboard Cite

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane-it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.

show abstract

“…Several of the general approaches involve techniques for security threat assessments and workflows to support security-aware development [55,56]. For example, SAHARA [57] combines hazard and risk analysis with security threat modeling for automotive systems.…”

Section: Security Solutions For Automotive Systemsmentioning

confidence: 99%

Security Patterns for Connected and Automated Automotive Systems†

Cheng¹,

Doherty²,

Polanco³

et al. 2020

JASEN

View full text Add to dashboard Cite

As automotive systems become increasingly sophisticated with numerous onboard features that support extensive inward and outward-facing communication, cybersecurity vulnerabilities are exposed. The relatively recent acknowledgement of automotive cybersecurity challenges has prompted numerous research efforts into developing techniques to handle individual threat vectors, the pathways and threat surfaces by which an attack can be realized. Security design patterns have been developed for many application domains (e.g., enterprise systems, networking systems, and distributed systems), but not much has been explored for automotive systems. This paper introduces a collection of security design patterns targeted for automotive cybersecurity needs. We leverage and extend the de facto standard template used to describe design patterns to include fields specific to the automotive domain and SAE J3061 cybersecurity development guidelines.

show abstract

Threat Modeling for Automotive Security Analysis

Cited by 27 publications

References 3 publications

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Safety and Security Concept for Software Updates on Mixed-criticality Systems

Combined automotive safety and security pattern engineering approach

Security Patterns for Connected and Automated Automotive Systems†

Contact Info

Product

Resources

About