Top

Published in:

2018 | OriginalPaper | Chapter

Roadblocks on the Highway to Secure Cars: An Exploratory Survey on the Current Safety and Security Practice of the Automotive Industry

Authors : Michael Huber, Michael Brunner, Clemens Sauerwein, Carmen Carlan, Ruth Breu

Published in: Computer Safety, Reliability, and Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With various advances in technology, cars evolved to highly interconnected and complex Cyber-Physical Systems. Due to this development, the security of involved components and systems needs to be addressed in a rigorous way. The resulting necessity of combining safety and security aspects during the development processes has proven to be non-trivial due to the high interference between these aspects and their respective treatment. This paper discusses the results of an exploratory survey on how organizations from the automotive industry in the Euroregion tackle the challenge of integrating safety and security aspects during system development. The observed state of practice shows that there are significant deficits in the integration of both domains. The results of the exploratory survey enabled us to identify the most common challenges of realizing an integrated approach in a practical setting and discuss implications for future research.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Efficient Splitting of Test and Simulation Cases for the Verification of Highly Automated Driving Functions

next chapter Safe and Secure Automotive Over-the-Air Updates

https://salsa.q-e.at/ (Accessed: 02/12/2018).

Almeida, J.R., Camargo, J.B., Cugnasca, P.S.: Safety and security in critical applications and in information systems-a comparative study. IEEE Latin Am. Trans. 11(4), 1127–1133 (2013)CrossRef

Baheti, R., Gill, H.: Cyber-physical systems. Impact Control Technol. 12, 161–166 (2011)

Bloomfield, R., Bishop, P.: Safety and assurance cases: past, present and possible future-an adelard perspective. In: Dale, C., Anderson, T. (eds.) Making Systems Safer, pp. 51–67. Springer, Heidelberg (2010). https://doi.org/10.1007/978-1-84996-086-1_4CrossRef

Brunner, M., Huber, M., Sauerwein, C., Breu, R.: Towards an integrated model for safety and security requirements of cyber-physical systems. In: 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp. 334–340. IEEE (2017)

Campbell, J.L., Quincy, C., Osserman, J., Pedersen, O.K.: Coding in-depth semistructured interviews problems of unitization and intercoder reliability and agreement. Sociol. Methods Res. 42(3), 294–320 (2013)MathSciNetCrossRef

Derler, P., Lee, E.A., Vincentelli, A.S.: Modeling cyber-physical systems. Proc. IEEE 100(1), 13–28 (2012)CrossRef

Firesmith, D.G.: Common concepts underlying safety security and survivability engineering. Carnegie-mellon University, Pittsburgh, PA, Software Engineering Institute, Technical report (2003)

Friedrich, J., Kuhrmann, M., Sihling, M., Hammerschall, U.: Das V-Modell XT. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-540-76404-5_1CrossRef

Fürst, S., et al.: AUTOSAR-a worldwide standard is on the road. In: 14th International VDI Congress Electronic Systems for Vehicles, Baden-Baden, vol. 62, p. 5 (2009)

10.

Glas, B., et al.: Automotive safety and security integration challenges. In: Automotive-Safety & Security 2014 (2015)

11.

He, W., Yan, G., Da Xu, L.: Developing vehicular data cloud services in the IoT environment. IEEE Trans. Ind. Inform. 10(2), 1587–1595 (2014)CrossRef

12.

ISO/TC 22: ISO/DIS 26262–1 - Road vehicles functional safety Part 1–10. Technical report, Technical Committee 22, Geneva, Switzerland, July 2009

13.

Kannenberg, A., Saiedian, H.: Why software requirements traceability remains a challenge. CrossTalk J. Defense Softw. Eng. 22(5), 14–19 (2009)

14.

Kelly, T.P.: Arguing safety: a systematic approach to managing safety cases. Ph.D. thesis, University of York (1999)

15.

Kitchenham, B.A., Pfleeger, S.L.: Guide to advanced empirical software engineering. Springer, London 46, 48–49 (2008)

16.

Kletz, T.A.: HAZOP and HAZAN: Identifying and Assessing Process Industry Hazards. IChemE, Boca Raton (1999)

17.

Kornecki, A.J., Subramanian, N., Zalewski, J.: Studying interrelationships of safety and security for software assurance in cyber-physical systems: approach based on Bayesian belief networks. In: 2013 Federated Conference on Computer Science and Information Systems (FedCSIS), pp. 1393–1399. IEEE (2013)

18.

Kriaa, S., Pietre-Cambacedes, L., Bouissou, M., Halgand, Y.: A survey of approaches combining safety and security for industrial control systems. Reliab. Eng. Syst. Saf. 139, 156–178 (2015)CrossRef

19.

Macher, G., Höller, A., Sporer, H., Armengaud, E., Kreiner, C.: A combined safety-hazards and security-threat analysis method for automotive systems. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 237–250. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24249-1_21CrossRef

20.

Martins, L.E., Gorschek, T.: Requirements engineering for safety-critical systems: overview and challenges. IEEE Softw. 34, 49–57 (2017)CrossRef

21.

Mayring, P., Gläser-Zikuda, M.: Die Praxis der Qualitativen Inhaltsanalyse. Beltz Weinheim (2008)

22.

Nostro, N., Bondavalli, A., Silva, N.: Adding security concerns to safety critical certification. In: 2014 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), pp. 521–526. IEEE (2014)

23.

Pedersen Notander, J., Höst, M., Runeson, P.: Challenges in flexible safety-critical software development – an industrial qualitative survey. In: Heidrich, J., Oivo, M., Jedlitschka, A., Baldassarre, M.T. (eds.) PROFES 2013. LNCS, vol. 7983, pp. 283–297. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39259-7_23CrossRef

24.

Piètre-Cambacédès, L., Bouissou, M.: Cross-fertilization between safety and security engineering. Reliab. Eng. Syst. Saf. 110, 110–126 (2013)CrossRef

25.

Ray, S., Chen, W., Bhadra, J., Al Faruque, M.A.: Extensibility in automotive security: current practice and challenges. In: 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 1–6. IEEE (2017)

26.

Runeson, P., Host, M., Rainer, A., Regnell, B.: Case Study Research in Software Engineering: Guidelines and Examples. Wiley, Hoboken (2012)CrossRef

27.

Schoitsch, E., Schmittner, C., Ma, Z., Gruber, T.: The need for safety and cyber-security co-engineering and standardization for highly automated automotive vehicles. In: Schulze, T., Müller, B., Meyer, G. (eds.) Advanced Microsystems for Automotive Applications 2015. LNM, pp. 251–261. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-20855-8_20CrossRef

28.

Sojka, M., Krec, M., Hanzálek, Z.: Case study on combined validation of safety & security requirements. In: 2014 9th IEEE International Symposium on Industrial Embedded Systems (SIES), pp. 244–251. IEEE (2014)

29.

de la Vara, J.L., Borg, M., Wnuk, K., Moonen, L.: An industrial survey of safety evidence change impact analysis practice. IEEE Trans. Softw. Eng. 42(12), 1095–1117 (2016)CrossRef

30.

Wohlin, C., Runeson, P., Höst, M., Ohlsson, M.C., Regnell, B., Wesslén, A.: Experimentation in Software Engineering. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29044-2CrossRefMATH

Title: Roadblocks on the Highway to Secure Cars: An Exploratory Survey on the Current Safety and Security Practice of the Automotive Industry
Authors: Michael Huber
Michael Brunner
Clemens Sauerwein
Carmen Carlan
Ruth Breu
Publisher: Springer International Publishing
Book: Computer Safety, Reliability, and Security
Print ISBN: 978-3-319-99129-0

Electronic ISBN: 978-3-319-99130-6

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-319-99130-6_11

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner