Logo des Repositoriums

Auflistung nach Autor:in "Vembar, Priyamvadha"

1 - 2 von 2
  • Konferenzbeitrag
    Automotive safety and security integration challenges
    (Automotive - Safety & Security 2014, 2015) Glas, Benjamin; Gebauer, Carsten; Hänger, Jochen; Heyl, Andreas; Klarmann, Jürgen; Kriso, Stefan; Vembar, Priyamvadha; Wörz, Philipp
    The ever increasing complexity of automotive vehicular systems, their connection to external networks, to the internet of things as well as their greater internal networking opens doors to hacking and malicious attacks. Security and privacy risks in modern automotive vehicular systems are well publicized by now. That violation of security could lead to safety violations - is a well-argued and accepted argument. The safety discipline has matured over decades, but the security discipline is much younger. There are arguments and rightfully so, that the security engineering process is similar to the functional safety engineering process (formalized by the norm ISO 26262) and that they could be laid side-by-side and could be performed together - but, by a different set of experts. There are moves to define a security engineering process along the lines of a functional safety engineering process for automotive vehicular systems. But, are these efforts at formalizing safety-security sufficient to produce safe and secure systems? When one sets out on this path with the idea of building safe and secure systems, one realizes that there are quite a few challenges, contradictions, dissimilarities, concerns to be addressed before safe and secure systems started coming out of production lines. The effort of this paper is to bring some such challenge areas to the notice of the community and to suggest a way forward. Note $\bullet $The term “Functional Safety” relates to ISO $26262 \bullet $The term “Security” is used to mean Automotive Embedded Information Security $\bullet $All examples used in this paper are fictitious and do not necessarily reflect either concrete requirements or solutions.
  • Konferenzbeitrag
    Towards an information security framework for the automotive domain.
    (Automotive - Safety & Security 2014, 2015) Glas, Benjamin; Gramm, Jens; Vembar, Priyamvadha
    Driven by increasing connectivity, complexity, and distribution of functions in vehicles, automotive security is steadily gaining attention. While in other domains there is a harmonized notion on security requirements and there are even broad information security management standards, in the automotive domain there is so far no common structured approach to achieve system security. At the same time, the automotive domain shows some special properties that differentiate it from other domains and prevent direct application of available approaches. In this work, we take a step towards an automotive information security framework. We provide an overview of existing system security and security development standards from related domains and provide motivation for harmonization on one hand and a sector-specific standard on the other. We outline core ideas and elements of a possible framework for automotive security engineering, illustrate them with examples, and put them in context with existing related information security standards.