Assurance Cases for Road Vehicles: an Industry Perspective
Paper i proceeding, 2020

Assurance cases are structured arguments that are commonly used to reason about the safety of a product or service. Currently, there is an ongoing push towards using assurance cases for also cybersecurity, especially in safety critical domains, like automotive. While the industry is faced with the challenge of defining a sound methodology to build security assurance cases, the state of the art is rather immature. Therefore, we have conducted a thorough investigation of the (external) constraints and (internal) needs that security assurance cases have to satisfy when used in the automotive industry. This has been done in the context of two large automotive companies. The end result is a set of recommendations that automotive companies can apply in order to define security assurance cases that are (i) aligned with the constraints imposed by the existing and upcoming standards and regulations and (ii) harmonized with the internal product development processes and organizational practices. We expect the results to be also of interest for product companies in other safety critical domains, like healthcare, transportation, and so on.

security

assurance cases

automotive

Författare

Mazen Mohamad

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Alexander Åström

Volvo Cars

Örjan Askerdal

Jörgen Borg

Volvo Cars

Riccardo Scandariato

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security

The 15th International Conference on Availability, Reliability and Security (ARES 2020)
Virtual Event, Ireland,

CASUS: Konstruktion av IT-säkerhetsunderlag för öppna fordonssystem

VINNOVA, -- .

Ämneskategorier

Programvaruteknik

Mer information

Senast uppdaterat

2021-05-04