Threat and Risk Assessment Methodologies in the Automotive Domain

Georg Macher, Eric Armengaud, Eugen Brenner, Christian Josef Kreiner

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Safety and security are both qualities that concern the overall system. However, these disciplines are traditionally treated independently in the automotive domain. Replacement of classical mechanical systems with safety-critical embedded systems raised the awareness of the safety attribute and caused the introduction of the ISO26262 standard. In contrast to this, security topics are traditionally seen as attacks of a mechanical nature and as only affecting single vehicles (e.g. door lock and immobilizer related). Due to the increasing interlacing of automotive systems with networks (such as Car2X), new features like autonomous driving, and online software updates, it is no longer acceptable to assume that car fleets are immune to security risks and automated remote attacks. Consequently, future automotive systems development requires appropriate systematic approaches to support cyber security and safety aware development.

Therefore, this paper examines threat and risk assessment techniques that are available for the automotive domain and presents an approach to classify cyber-security threats, which can be used to determine the appropriate number of countermeasures that need to be considered. Furthermore, we present a combined approach for safety and security analysis to be applied in early development phases, which is a pre-requisite for consistent engineering throughout the development lifecycle.
Original languageEnglish
Title of host publicationThe 7th International Conference on Ambient Systems, Networks and Technologies (ANT 2016)
PublisherElsevier B.V.
Number of pages7
Publication statusPublished - 26 May 2016

Publication series

Name Procedia Computer Science
PublisherElsevier BV

Fields of Expertise

  • Mobility & Production
  • Information, Communication & Computing

Cite this