
2016 | OriginalPaper | Book chapter

Supporting Cyber-Security Based on Hardware-Software Interface Definition

Written by: Georg Macher, Harald Sporer, Eugen Brenner, Christian Kreiner

Published in: Systems, Software and Services Process Improvement

Publisher: Springer International Publishing


Abstract

The automotive industry has an annual increase rate of software-implemented functions of about 30 %. In the automotive domain, the increasing complexity of systems has become challenging with consumer demand for advanced driving assistance systems and automated driving functionalities, and with the resulting broader societal sensitivity to security and safety concerns, such as remote control of cars by hacking their IT infrastructure.
As vehicle providers gear up for the cyber-security challenges, they can leverage experiences from many other domains, but nevertheless have to face several unique challenges. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems in close relation to ISO 26262. Although functional safety and cyber-security engineering have a considerable overlap regarding many facets, such as analysis methods and system function thinking, the definition of system borders (item definition vs. trust boundaries) often differs largely. Therefore, appropriate systematic approaches to support the identification of trust boundaries and attack vectors for the safety- and cybersecurity-related aspects of complex automotive systems are essential. In the course of this paper, we analyze a method to identify attack vectors on complex systems via signal interfaces. We focus on a central development artifact of the ISO 26262 functional safety development process, the hardware-software interface (HSI), and propose an extension for the HSI to support the cyber-security engineering process.


Metadata
Title
Supporting Cyber-Security Based on Hardware-Software Interface Definition
Written by
Georg Macher
Harald Sporer
Eugen Brenner
Christian Kreiner
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-44817-6_12