Automotive Cybersecurity: From Risk Assessment to Mitigation
Doctoral thesis, 2025

As road vehicles are increasingly defined by their software capabilities and connected service infrastructure, it has become widely accepted that cybersecurity is vital to keep road users and their environment safe and secure. Failures of vehicular cybersecurity can lead to loss of life, severe injuries, financial losses and breaches of privacy.

Automotive system development faces several challenges, including long development lead times and system life-times, highly heterogeneous hardware, multi-tiered supply chains and legal, safety and real-time requirements. These challenges frame the available design choices. An effective cybersecurity concept must be rooted in a thorough understanding of the risks associated with connected vehicles. Furthermore, efficient processes are essential for responding to newly discovered vulnerabilities and incidents. This thesis aims to deepen our understanding of these issues through three primary objectives: (1) to explore the systematization of threat analysis and risk assessment to facilitate cybersecurity requirements engineering, (2) to examine how cybersecurity engineering processes can be implemented to address cybersecurity issues effectively, and (3) to analyze the influence of automotive technology on the design of cybersecurity measures.

The first part of this thesis focuses on risk assessment and standardization by (a) developing a risk assessment methodology which influenced ISO/SAE 21434, an automotive cybersecurity engineering standard, (b) updating the risk assessment methodology to fully align with the standard, and (c) critically analyzing ISO/SAE 21434 to identify conceptual weaknesses, while proposing improvements to its threat analysis and risk assessment framework, and vulnerability and incident handling processes. The second part focuses on the design and implementation of risk mitigation measures by examining (i) common automotive cybersecurity design issues, (ii) memory exploitation and protection techniques for resource-constrained electronic control units, (iii) the impact of the CAN bus’s technical constraints on authentication protocols and (iv) the potential of 5G telecommunication technology to strengthen security in vehicle-to-everything communication.

Automotive Risk Assessment

Vulnerability Management

Incident Handling

ISO/SAE 21434

Automotive Cybersecurity

V2X Security

CAN authentication

In-Vehicle Network

Memory Protection

EA, EDIT building, Hörsalsvägen 9-11, Gothenburg
Opponent: Prof. Panagiotis Papadimitratos, KTH Royal Institute of Technology, Sweden

Author

Aljoscha Lautenbach

Chalmers, Computer Science and Engineering (Chalmers), Computer and Network Systems

Gap analysis of ISO/SAE 21434 – Improving the automotive cybersecurity engineering life cycle

IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC (2023), p. 1904-1911

Paper in proceeding

Proposing HEAVENS 2.0 – an automotive risk assessment model

Proceedings - CSCS 2021: ACM Computer Science in Cars Symposium (2021)

Paper in proceeding

A Preliminary Security Assessment of 5G V2X

IEEE Vehicular Technology Conference, Vol. 2019-April (2019)

Paper in proceeding

Understanding Common Automotive Security Issues and Their Implications

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11552 LNCS (2019), p. 19-34

Paper in proceeding

What the Stack? On Memory Exploitation and Protection in Resource Constrained Automotive Systems

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 10707 LNCS (2018), p. 185-193

Paper in proceeding

In-vehicle CAN message authentication: An evaluation based on industrial criteria

IEEE Vehicular Technology Conference, Vol. 2017-September (2017), p. 2413-2419

Paper in proceeding

A risk assessment framework for automotive embedded systems

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security (2016), p. 3-14

Paper in proceeding

Cyber Resilience for Vehicles - Cybersecurity for automotive systems in a changing environment - phase1 (CyReV)

VINNOVA (2018-05013), 2019-04-01 -- 2021-03-31.

Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)

VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.

Cyber Resilience for Vehicles - Cybersecurity for automotive systems in a changing environment (CyReV phase 2)

VINNOVA (2019-03071), 2019-01-10 -- 2022-03-31.

HEAling Vulnerabilities to ENhance Software Security and Safety (HEAVENS)

VINNOVA (2012-04625), 2013-04-01 -- 2016-03-31.

RICS2: Resilient Information and Control Systems

Swedish Civil Contingencies Agency, 2021-01-01 -- 2023-12-31.

RIOT: Resilient Internet of Things

Swedish Civil Contingencies Agency (MSB2018-12526), 2019-01-01 -- 2023-12-31.

Areas of Advance

Information and Communication Technology

Transport

Subject Categories (SSIF 2025)

Communication Systems

Transport Systems and Logistics

Embedded Systems

Security, Privacy and Cryptography

Computer Systems

ISBN

978-91-8103-223-9

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 5681

Publisher

Chalmers

More information

Latest update

10/10/2025