A systematic approach to a qualified security risk analysis for vehicular IT systems

Abstract

By now, security engineering is an accepted challenge in the development of most vehicular IT systems. However, even though many vehicular security threats and effective protection measures are known in general, automotive engineers have difficulties to realize efficient security solutions such that the costs for certain protection measures are appropriate to the actual security threats in order to avoid “underprotection” as well as “over-protection”, which both are unacceptable particularly in the automotive domain. By applying a thorough security risk analysis, which incorporates the special characteristics of the automotive domain, we would have a qualified taxonomy to make well-founded decisions about the security measures effectively required. We therefor present a methodical approach for conducting a meaningful security risk analysis, which focusses particularly on vehicular IT systems. This approach applies systematic estimations for the two mandatory factors of any risk analysis, the potential damages and the probability of a successful security attack, both based on industry-proven methods and taxonomies carefully adapted to vehicular IT security scenarios.