CASUS: Building Security Assurance Cases in Automotive Open Systems

The vehicle industry is going from traditionally isolated to open systems. As vehicles continuously increase their connectivity to the surrounding world, becoming part of the Internet of Things, exposure becomes potentially world-wide and attacks may happen with speed and scale not possible before.
Adopting secure development techniques provides organizations with a generic level of assurance against the above-mentioned attacks. The key research question at the core of this project is, however, how a project manager can get precise assurance based on material, project-specific evidence that a system being developed is secure enough and can be released.

The goal is to provide managers with a tool to make go/no-go security decisions on product delivery. Such decisions are currently based on experience and intuition, while we aim at supporting evidence-based decisions. The key contribution of this projects is a methodology to build security assurance cases.

Participants

Riccardo Scandariato (contact)

Docent vid Chalmers University of Technology, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)

Collaborations

Volvo Cars

Göteborg, Sweden

Volvo Group

Gothenburg, Sweden

Funding

VINNOVA

(Funding period missing)

Related Areas of Advance and Infrastructure

Information and Communication Technology

Areas of Advance

More information

Latest update

2018-02-14