The vehicle industry is going from traditionally isolated to open systems. As vehicles continuously increase their connectivity to the surrounding world, becoming part of the Internet of Things, exposure becomes potentially world-wide and attacks may happen with speed and scale not possible before.
Adopting secure development techniques provides organizations with a generic level of assurance against the above-mentioned attacks. The key research question at the core of this project is, however, how a project manager can get precise assurance based on material, project-specific evidence that a system being developed is secure enough and can be released.
The goal is to provide managers with a tool to make go/no-go security decisions on product delivery. Such decisions are currently based on experience and intuition, while we aim at supporting evidence-based decisions. The key contribution of this projects is a methodology to build security assurance cases.
Docent vid Chalmers University of Technology, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)
(Funding period missing)
Areas of Advance