A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context

Georg Macher; Eric Armengaud; Eugen Brenner; Christian Josef Kreiner

doi:10.1007/978-3-319-45477-1_11

A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context

Georg Macher, Eric Armengaud, Eugen Brenner, Christian Josef Kreiner

Institut für Technische Informatik (4480)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

Consumer demands for advanced automotive assistant systems and connectivity of cars to the internet make cyber-security an important requirement for vehicle providers. As vehicle providers gear up for the cyber security challenges, they can leverage experiences from many other domains, but nevertheless, must face several unique challenges. Thus, several security standards are well established and do not need to be created from scratch. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems.

In the course of this document, a review of available threat analysis methods and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. The aim of this work is to provide a position statement for the discussion of available analysis methods and their applicability for early development phases in context of ISO 26262 and SAE J3061.
Keywords
TARAISO 26262SAE J3061AutomotiveSecurity analysis

Originalsprache	englisch
Titel	International Conference on Computer Safety, Reliability, and Security
Untertitel	SAFECOMP 2016
Herausgeber (Verlag)	Springer International Publishing AG
Seiten	130
Seitenumfang	141
DOIs	https://doi.org/10.1007/978-3-319-45477-1_11
Publikationsstatus	Veröffentlicht - 2016

Publikationsreihe

Name	Lecture Notes in Computer Science
Herausgeber (Verlag)	Springer
Band	9922 2016

Fields of Expertise

Information, Communication & Computing
Mobility & Production

Zugriff auf Dokument

10.1007/978-3-319-45477-1_11

http://link.springer.com/chapter/10.1007/978-3-319-45477-1_11

1 Abgeschlossen
1 Laufend

Industrial Informatics
Macher, G., Dobaj, J., Krug, T., Blažević, R. & Veledar, O.
1/09/12 → …
Projekt: Arbeitsgebiet
VIF-MEMCONS - MOdel-based EMbedded CONtrol Software
Kreiner, C. J. & Macher, G.
1/01/13 → 31/12/15
Projekt: Forschungsprojekt

SafeComp'16 - International Conference on Computer Safety, Reliability and Security
Christian Josef Kreiner (Redner/in)
2016
Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science

Dieses zitieren

Macher, G., Armengaud, E., Brenner, E., & Kreiner, C. J. (2016). A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context. in International Conference on Computer Safety, Reliability, and Security: SAFECOMP 2016 (S. 130). (Lecture Notes in Computer Science; Band 9922 2016). Springer International Publishing AG . https://doi.org/10.1007/978-3-319-45477-1_11

A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context. / Macher, Georg; Armengaud, Eric; Brenner, Eugen et al.
International Conference on Computer Safety, Reliability, and Security: SAFECOMP 2016. Springer International Publishing AG , 2016. S. 130 (Lecture Notes in Computer Science; Band 9922 2016).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Macher, G, Armengaud, E, Brenner, E & Kreiner, CJ 2016, A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context. in International Conference on Computer Safety, Reliability, and Security: SAFECOMP 2016. Lecture Notes in Computer Science, Bd. 9922 2016, Springer International Publishing AG , S. 130. https://doi.org/10.1007/978-3-319-45477-1_11

@inproceedings{07d5af3f497a4ef3bddd6d5488875b34,

title = "A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context",

abstract = "Consumer demands for advanced automotive assistant systems and connectivity of cars to the internet make cyber-security an important requirement for vehicle providers. As vehicle providers gear up for the cyber security challenges, they can leverage experiences from many other domains, but nevertheless, must face several unique challenges. Thus, several security standards are well established and do not need to be created from scratch. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems.In the course of this document, a review of available threat analysis methods and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. The aim of this work is to provide a position statement for the discussion of available analysis methods and their applicability for early development phases in context of ISO 26262 and SAE J3061.KeywordsTARAISO 26262SAE J3061AutomotiveSecurity analysis",

keywords = "TARA, ISO 26262, SAE J3061, Automotive , Security analysis",

author = "Georg Macher and Eric Armengaud and Eugen Brenner and Kreiner, {Christian Josef}",

year = "2016",

doi = "10.1007/978-3-319-45477-1_11",

language = "English",

series = "Lecture Notes in Computer Science",

publisher = "Springer International Publishing AG ",

pages = "130",

booktitle = "International Conference on Computer Safety, Reliability, and Security",

address = "Switzerland",

}

TY - GEN

T1 - A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context

AU - Macher, Georg

AU - Armengaud, Eric

AU - Brenner, Eugen

AU - Kreiner, Christian Josef

PY - 2016

Y1 - 2016

N2 - Consumer demands for advanced automotive assistant systems and connectivity of cars to the internet make cyber-security an important requirement for vehicle providers. As vehicle providers gear up for the cyber security challenges, they can leverage experiences from many other domains, but nevertheless, must face several unique challenges. Thus, several security standards are well established and do not need to be created from scratch. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems.In the course of this document, a review of available threat analysis methods and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. The aim of this work is to provide a position statement for the discussion of available analysis methods and their applicability for early development phases in context of ISO 26262 and SAE J3061.KeywordsTARAISO 26262SAE J3061AutomotiveSecurity analysis

AB - Consumer demands for advanced automotive assistant systems and connectivity of cars to the internet make cyber-security an important requirement for vehicle providers. As vehicle providers gear up for the cyber security challenges, they can leverage experiences from many other domains, but nevertheless, must face several unique challenges. Thus, several security standards are well established and do not need to be created from scratch. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides information and high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems.In the course of this document, a review of available threat analysis methods and the recommendations of the SAE J3061 guidebook regarding threat analysis and risk assessment method (TARA) is given. The aim of this work is to provide a position statement for the discussion of available analysis methods and their applicability for early development phases in context of ISO 26262 and SAE J3061.KeywordsTARAISO 26262SAE J3061AutomotiveSecurity analysis

KW - TARA

KW - ISO 26262

KW - SAE J3061

KW - Automotive

KW - Security analysis

U2 - 10.1007/978-3-319-45477-1_11

DO - 10.1007/978-3-319-45477-1_11

M3 - Conference paper

T3 - Lecture Notes in Computer Science

SP - 130

BT - International Conference on Computer Safety, Reliability, and Security

PB - Springer International Publishing AG

ER -

A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context

Abstract

Publikationsreihe

Fields of Expertise

Zugriff auf Dokument

Fingerprint

Projekte

Industrial Informatics

VIF-MEMCONS - MOdel-based EMbedded CONtrol Software

Aktivitäten

SafeComp'16 - International Conference on Computer Safety, Reliability and Security

Dieses zitieren