Automotive Cybersecurity: From Risk Assessment to Mitigation
Doctoral thesis, 2025

As road vehicles are increasingly defined by their software capabilities and connected service infrastructure, it has become widely accepted that cybersecurity is vital to keep road users and their environment safe and secure. Failures of vehicular cybersecurity can lead to loss of life, severe injuries, financial losses and breaches of privacy.

Automotive system development faces several challenges, including long development lead times and system life-times, highly heterogeneous hardware, multi-tiered supply chains and legal, safety and real-time requirements. These challenges frame the available design choices. An effective cybersecurity concept must be rooted in a thorough understanding of the risks associated with connected vehicles. Furthermore, efficient processes are essential for responding to newly discovered vulnerabilities and incidents. This thesis aims to deepen our understanding of these issues through three primary objectives: (1) to explore the systematization of threat analysis and risk assessment to facilitate cybersecurity requirements engineering, (2) to examine how cybersecurity engineering processes can be implemented to address cybersecurity issues effectively, and (3) to analyze the influence of automotive technology on the design of cybersecurity measures.

The first part of this thesis focuses on risk assessment and standardization by (a) developing a risk assessment methodology which influenced ISO/SAE 21434, an automotive cybersecurity engineering standard, (b) updating the risk assessment methodology to fully align with the standard, and (c) critically analyzing ISO/SAE 21434 to identify conceptual weaknesses, while proposing improvements to its threat analysis and risk assessment framework, and vulnerability and incident handling processes. The second part focuses on the design and implementation of risk mitigation measures by examining (i) common automotive cybersecurity design issues, (ii) memory exploitation and protection techniques for resource-constrained electronic control units, (iii) the impact of the CAN bus’s technical constraints on authentication protocols and (iv) the potential of 5G telecommunication technology to strengthen security in vehicle-to-everything communication.

Automotive Risk Assessment

Vulnerability Management

Incident Handling

ISO/SAE 21434

Automotive Cybersecurity

V2X Security

CAN authentication

In-Vehicle Network

Memory Protection

EA, EDIT building, Hörsalsvägen 9-11, Gothenburg
Opponent: Prof. Panagiotis Papadimitratos, KTH Royal Institute of Technology, Sweden

Author

Aljoscha Lautenbach

Chalmers, Computer Science and Engineering, Computer and Network Systems

Gap analysis of ISO/SAE 21434 – Improving the automotive cybersecurity engineering life cycle

IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC (2023), p. 1904-1911

Paper in proceeding

Proposing HEAVENS 2.0 – an automotive risk assessment model

Proceedings - CSCS 2021: ACM Computer Science in Cars Symposium (2021)

Paper in proceeding

A Preliminary Security Assessment of 5G V2X

IEEE Vehicular Technology Conference, Vol. 2019-April (2019)

Paper in proceeding

Understanding Common Automotive Security Issues and Their Implications

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11552 LNCS (2019), p. 19-34

Paper in proceeding

What the Stack? On Memory Exploitation and Protection in Resource Constrained Automotive Systems

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 10707 LNCS (2018), p. 185-193

Paper in proceeding

In-vehicle CAN message authentication: An evaluation based on industrial criteria

IEEE Vehicular Technology Conference, Vol. 2017-September (2017), p. 2413-2419

Paper in proceeding

A risk assessment framework for automotive embedded systems

CPSS '16: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security (2016), p. 3-14

Paper in proceeding

Cybersecurity for vehicle systems in a changing environment - phase 1 (CyReV)

VINNOVA (2018-05013), 2019-04-01 -- 2021-03-31.

Holistic approach to improving cybersecurity (HoliSec)

VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.

Cybersecurity for vehicle systems in a changing environment (CyReV phase 2)

VINNOVA (2019-03071), 2019-01-10 -- 2022-03-31.

HEAling Vulnerabilities to ENhance Software Security and Safety (HEAVENS)

VINNOVA (2012-04625), 2013-04-01 -- 2016-03-31.

RICS2: Secure IT systems for operation and monitoring of critical societal infrastructure

Myndigheten för samhällsskydd och beredskap, 2021-01-01 -- 2023-12-31.

RIOT: A resilient Internet of Things

Myndigheten för samhällsskydd och beredskap (MSB2018-12526), 2019-01-01 -- 2023-12-31.

Areas of Advance

Information and Communication Technology

Transport

Subject Categories (SSIF 2025)

Communication Systems

Transport Systems and Logistics

Embedded Systems

Security, Privacy and Cryptography

Computer Systems

ISBN

978-91-8103-223-9

Doctoral theses at Chalmers University of Technology. New series: 5681

Publisher

Chalmers

More information

Last updated

2025-10-10