Understanding Common Automotive Security Issues and Their Implications
Paper in proceedings, 2018

With increased connectivity of safety-critical systems such as vehicles and industrial control systems, the importance of secure software rises in lock-step. Even systems that are traditionally considered to be non safety-critical can become safety-critical if they are willfully manipulated. In this paper, we identify 8 important security issues of automotive software based on a conceptually simple yet interesting example. The issues encompass problems from the design phase, including requirements engineering, to the choice of concrete parameters for an API. We then investigate how these issues are perceived by automotive security experts through a survey.

The survey results indicate that the identified issues are indeed problematic in real industry use-cases. Based on the collected data, we draw conclusions which problems deserve further attention and how the problems can be addressed. In particular, we find that key distribution is a major issue. Finally, many of the identified issues can be addressed by improved documentation and access to security experts.

Automotive Application Development

Expert Survey

Automotive Security

Author

Aljoscha Lautenbach

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Magnus Almgren

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Tomas Olovsson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

The International Workshop on Interplay of Security, Safety and System/Software Architecture
Barcelona, ,

Resilient Information and Control Systems (RICS)

Swedish Civil Contingencies Agency, 2015-09-01 -- 2020-08-31.

Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)

VINNOVA, 2016-04-01 -- 2019-03-31.

Areas of Advance

Information and Communication Technology

Transport

Subject Categories

Software Engineering

Computer Science

Computer Systems

More information

Created

1/17/2019