CASUS: Building Security Assurance Cases in Automotive Open Systems
Research Project, 2017
– 2021
The vehicle industry is going from traditionally isolated to open systems. As vehicles continuously increase their connectivity to the surrounding world, becoming part of the Internet of Things, exposure becomes potentially world-wide and attacks may happen with speed and scale not possible before.
Adopting secure development techniques provides organizations with a generic level of assurance against the above-mentioned attacks. The key research question at the core of this project is, however, how a project manager can get precise assurance based on material, project-specific evidence that a system being developed is secure enough and can be released.
The goal is to provide managers with a tool to make go/no-go security decisions on product delivery. Such decisions are currently based on experience and intuition, while we aim at supporting evidence-based decisions. The key contribution of this projects is a methodology to build security assurance cases.
Participants
Riccardo Scandariato (contact)
Chalmers, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)
Collaborations
Volvo Cars
Göteborg, Sweden
Volvo Group
Gothenburg, Sweden
Funding
VINNOVA
(Funding period missing)
Related Areas of Advance and Infrastructure
Information and Communication Technology
Areas of Advance