@inproceedings{a3ecf1b759a14acfbfec635ee2b230ed,
title = "First Experiences with the Automotive SPICE for Cybersecurity Assessment Model",
abstract = "The Automotive SPICE for Cybersecurity Assessment Model has been published as a first version in February 2021. It will be used for cybersecurity homologation assessments of projects. A new UNECE norm requires from summer 2022 onwards the presence of a CSMS (Cybersecurity Management System) for organisations and the VDA AK13 published in Feb 2021 a new assessment model for the cybersecurity of Automotive development projects. The SOQRATES group as a working party of Automotive suppliers and research and training bodies has developed a cybersecurity engineer job role and training and best practice examples of how to cover the new security engineering practices. Also, first trials of using the new security related questions have been done and first experiences are shared in this paper.",
keywords = "Automotive SPICE for cybersecurity, Cybersecurity assessment, Cybersecurity engineer",
author = "Richard Messnarz and So Norimatsu and J{\"u}rgen Dobaj and Damjan Ekert and Georg Macher and Tobias Zehetner and Laura Aschbacher",
note = "Funding Information: DRIVES [7, 8, 29, 32, 39–41]isanErasmus + project supported by the European Union as a Blueprint for the Automotive sector. In DRIVES 40 new job roles for the future development of vehicles have been elaborated and cybersecurity engineer is one of the elaborated job roles. For each job role [5, 9, 32] a set of skills has been elaborated. Funding Information: Work is partially supported by Grant of SGS No. SP2020/62, V{\v S}B - Technical University of Ostrava, Czech Republic. Funding Information: Acknowledgements. We are grateful to the European Commission which has funded the BLUEPRINT project DRIVES (2018–2021) [7, 8, 29, 32, 39–41]. In this case the publications reflect the views only of the author(s), and the Commission cannot be held responsible for any use, which may be made of the information contained therein. Funding Information: We are grateful to the European Commission which has funded the BLUEPRINT project DRIVES (2018?2021) [7, 8, 29, 32, 39?41]. In this case the publications reflect the views only of the author(s), and the Commission cannot be held responsible for any use, which may be made of the information contained therein. Work is partially supported by Grant of SGS No. SP2020/62, V?B-Technical University of Ostrava, Czech Republic. Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 28th European Conference on Systems, Software and Services Process Improvement : EuroSPI 2021 ; Conference date: 01-09-2021 Through 03-09-2021",
year = "2021",
doi = "10.1007/978-3-030-85521-5_35",
language = "English",
isbn = "9783030855208",
series = "Communications in Computer and Information Science",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "531--547",
editor = "Murat Yilmaz and Paul Clarke and Richard Messnarz and Michael Reiner",
booktitle = "Systems, Software and Services Process Improvement - 28th European Conference, EuroSPI 2021, Proceedings",
address = "Germany",
}