Security is a relatively new topic in the automotive industry. In the former days, the only security defense methods were the engine immobilizer and the anti-theft alarm system. The rising connection of vehicles to external networks made it necessary to extend the security effort by introducing security development processes. These processes include, amongothers, risk analysis and treatment steps. In parallel, the development of ISO/SAE 21434 and UN-ECE No. R155 started. The long development cycles in the automotive industry made it necessary to align the development processes' early designs with the standards' draft releases.
This work aims to design a new consistent, complete and efficient security development process, aligned with the normative references. The resulting development process design aligns with the overall development methodology of the underlying, evaluated development process. Use cases serve as a basis for evaluating improvements and the method designs. This work concentrates on the left leg of the V-Model. Nevertheless, future work targets extensions for a holistic development
approach for safety and security.:I. Foundation
1. Introduction
2. Automotive Development
3. Methodology
II. Meta-Functional Aspects
4. Dependability as an Umbrella-Term
5. Security Taxonomy
6. Terms and Definitions
III. Security Development Process Design
7. Security Relevance Evaluation
8. Function-oriented Security Risk Analysis
9. Security Risk Analysis on System Level
10. Risk Treatment
IV. Use Cases and Evaluation
11. Evaluation Criteria
12. Use Case: Security Relevance Evaluation
13. Use Case: Function-oriented Security Risk Analysis
14. Use Case: System Security Risk Analysis
15. Use Case: Risk Treatment
V. Closing
16. Discussion
17. Conclusion
18. Future Work
Appendix A. Attacker Model Categories and Rating
Appendix B. Basic Threat Classes for System SRA
Appendix C. Categories of Defense Method Properties
Identifer | oai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:86106 |
Date | 02 August 2023 |
Creators | Jakobs, Christine |
Contributors | Werner, Matthias, Tröger, Peter, Schmidt, Karsten, Technische Universität Chemnitz |
Publisher | Universitätsverlag Chemnitz |
Source Sets | Hochschulschriftenserver (HSSS) der SLUB Dresden |
Language | English |
Detected Language | English |
Type | info:eu-repo/semantics/publishedVersion, doc-type:doctoralThesis, info:eu-repo/semantics/doctoralThesis, doc-type:Text |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0035 seconds