Asset-driven Security Assurance Cases with Built-in Quality Assurance
Paper i proceeding, 2021

Security Assurance Cases (SAC) are structured arguments and evidence bodies used to reason about the security of a certain system.
SACs are gaining focus in the automotive domain as the needs for security assurance are growing.
In this study, we present an approach for creating SAC. The approach is inspired by the upcoming security standards ISO/SAE-21434 as well as the internal needs of automotive Original Equipment Manufacturers (OEMs).
We created the approach by extracting relevant requirements from ISO/SAE-21434 and illustrated it using an example case of the headlamp items provided in the standard.
We found that the approach is applicable and helps to satisfy the requirements for security assurance in the standard as well as the internal compliance needs in an automotive OEM.

assurance cases

automotive systems

security

Författare

Mazen Mohamad

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Örjan Askerdal

Rodi Jolak

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Jan-Philipp Steghöfer

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Testing, Requirements, Innovation and Psychology

Riccardo Scandariato

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

ICSEW'21: Proceedings of the IEEE/ACM 43rd International Conference on Software Engineering Workshops

The 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS 2021)
Virtual Event, Spain,

CASUS: Konstruktion av IT-säkerhetsunderlag för öppna fordonssystem

VINNOVA, -- .

Ämneskategorier

Annan data- och informationsvetenskap

Datavetenskap (datalogi)

Datorsystem

Mer information

Senast uppdaterat

2021-05-04