nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Safe and Secure Automotive Over-the-Air Updates

verfasst von : Thomas Chowdhury, Eric Lesiuta, Kerianne Rikley, Chung-Wei Lin, Eunsuk Kang, BaekGyu Kim, Shinichi Shiraishi, Mark Lawford, Alan Wassyng

Erschienen in: Computer Safety, Reliability, and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Over-the-air updates have been used for years in the software industry, allowing bug fixes and enhancements to desktop, laptop, and mobile operating systems and applications. Automotive vehicles now depend on software to the extent that manufacturers are turning to over-the-air updates for critical vehicle functionality. History shows that our software systems are most vulnerable to lapses in safety and dependability when they undergo change, and performing an update over a communication channel adds a significant security concern. This paper presents our ideas on assuring integrated safety and security of over-the-air updates through assurance case templates that comply with both ISO 26262 (functional safety) and SAE J3061 (cyber-security). Wisely, the authors of SAE J3061 structured the guidebook so that it meshes well with ISO 26262, and we have been able to use principles we developed for deriving an assurance case template from ISO 26262, to help include compliance with SAE J3061 in the template. The paper also demonstrates how a specialization of the template helps guide us to pre-emptively mitigate against potential vulnerabilities in over-the-air update implementations.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Roadblocks on the Highway to Secure Cars: An Exploratory Survey on the Current Safety and Security Practice of the Automotive Industry

Nächstes Kapitel Dependability Analysis of the AFDX Frame Management Design

Amorim, T., et al.: Systematic pattern approach for safety and security co-engineering in the automotive domain. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10488, pp. 329–342. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66266-4_22CrossRef

Aroms, E., et al.: NIST Special Publication 800–30 Risk Management Guide for Information Technology Systems (2012)

Barber, A.: Status of work in process on ISO/SAE 21434 Automotive Cybersecurity Standard. https://www.sans.org/summit-archives/file/summit-archive-1525889601.pdf. Accessed 28 May 2018

BBC News: Faulty update breaks Lexus cars’ maps and radio systems. http://www.bbc.com/news/technology-36478641. Accessed 08 Jun 2016

Bloomfield, R., Bishop, P., Jones, C., Froome, P.: ASCAD. Adelard Safety Case Development Manual, Adelard (1998). ISBN 0-9533771-0 5

Bloomfield, R., Netkachova, K., Stroud, R.: Security-informed safety: if it’s not secure, it’s not safe. In: Gorbenko, A., Romanovsky, A., Kharchenko, V. (eds.) SERENE 2013. LNCS, vol. 8166, pp. 17–32. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40894-6_2CrossRef

Chowdhury, T., Lin, C.W., Kim, B., Lawford, M., Shiraishi, S., Wassyng, A.: Principles for systematic development of an assurance case template from ISO 26262. In: IEEE International Symposium on Software Reliability Engineering, pp. 69–72, October 2017

Friedberg, I., McLaughlin, K., Smith, P., Laverty, D., Sezer, S.: STPA-SafeSec: safety and security analysis for cyber-physical systems. J. Inf. Secur. Appl. 34, 183–196 (2017)

Graydon, P., Knight, J., Strunk, E.: Assurance based development of critical systems. In: 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007, pp. 347–357, June 2007

10.

ISO: 26262: Road vehicles-Functional safety. International Standard ISO 26262 (2011)

11.

ISO/SAE AWI: 21434: Road vehicles-Cybersecurity Engineering [Under development]

12.

ISO/WD PAS: 21448: Road vehicles - Safety of the intended functionality [Under development]

13.

Karthik, T., Brown, A., Awwad, S., McCoy, D., Bielawski, R., Mott, C., Lauzon, S., Weimerskirch, A., Cappos, J.: Uptane: securing software updates for automobiles. In: International Conference on Embedded Security in Car, pp. 1–11 (2016)

14.

Kelly, T.: Arguing safety - a systematic approach to managing safety cases. Ph.D. thesis, University of York, September 1998

15.

Lauzon, S.: Secure software updates for automotive systems: introduction to the Uptane SOTA solution, May 2017

16.

Leveson, N.: Engineering a Safer World: Systems Thinking Applied to Safety. MIT Press, Cambridge (2011)

17.

Macher, G., Armengaud, E., Brenner, E., Kreiner, C.: Threat and risk assessment methodologies in the automotive domain. Procedia Comput. Sci. 83, 1288–1294 (2016)CrossRef

18.

Microsoft: Microsoft threat modeling tool. https://www.microsoft.com/en-us/download/details.aspx?id=49168. Accessed 20 Sept 2017

19.

Microsoft: The STRIDE threat model. https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx. Accessed 20 Sept 2017

20.

NCC Group: The Automotive Threat Modeling Template. https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/july/the-automotive-threat-modeling-template/. Accessed 20 Sept 2017

21.

Netkachova, K., Müller, K., Paulitsch, M., Bloomfield, R.: Security-informed safety case approach to analysing MILS systems (2015)

22.

Pereira, D., Hirata, C., Pagliares, R., Nadjm-Tehrani, S.: Towards combined safety and security constraints analysis. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10489, pp. 70–80. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66284-8_7CrossRef

23.

Procter, S., Vasserman, E.Y., Hatcliff, J.: Safe and secure: deeply integrating security in a new hazard analysis. In: ARES, p. 66. ACM (2017)

24.

SAE International: SAE J3061-Cybersecurity Guidebook for Cyber-Physical Automotive Systems. SAE-Society of Automotive Engineers (2016)

25.

Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)

26.

Spaan, R., Batina, L., Schwabe, P., Verheijden, S.: Secure updates in automotive systems, pp. 1–71. Radboud University, Nijmegen (2016)

27.

Summers, A., Tickner, C.: What is Security Analysis. http://www.doc.ic.ac.uk/~ajs300/security/CIA.htm. Accessed 20 Sept 2017

28.

US Department of Transportation: Architecture reference for cooperative and intelligent transportation. https://local.iteris.com/arc-it/. Accessed 24 Feb 2018

29.

Wassyng, A., Joannou, P., Lawford, M., Maibaum, T.S., Singh, N.K.: Chapter 13 new standards for trustworthy cyber-physical systems. In: Trustworthy Cyber-Physical Systems Engineering, pp. 337–368. CRC Press (2016)

30.

Wassyng, A., Maibaum, T., Lawford, M., Bherer, H.: Software certification: is there a case against safety cases? In: Calinescu, R., Jackson, E. (eds.) Monterey Workshop 2010. LNCS, vol. 6662, pp. 206–227. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21292-5_12CrossRef

31.

Webtrend: threat modeling with STRIDE. https://www.webtrends.com/blog/2015/04/threat-modeling-with-stride/. Accessed 20 Sept 2017

32.

Young, W., Leveson, N.: Systems thinking for safety and security. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 1–8. ACM (2013)

Titel: Safe and Secure Automotive Over-the-Air Updates
verfasst von: Thomas Chowdhury
Eric Lesiuta
Kerianne Rikley
Chung-Wei Lin
Eunsuk Kang
BaekGyu Kim
Shinichi Shiraishi
Mark Lawford
Alan Wassyng
Verlag: Springer International Publishing
Buch: Computer Safety, Reliability, and Security
Print ISBN: 978-3-319-99129-0

Electronic ISBN: 978-3-319-99130-6

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-99130-6_12

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner