Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects
Abstract
It is not necessary to always present the terrorist attacker that encroaches into another’s ABS as the dramatic example to alert the need for vehicular IT security. It may suffice to imagine some very simple encroachments on in-vehicle communication integrity or on functional availability that could cause a suddenly uncontrolled spattering windshield washer or a malfunctioning door look system that—in the wrong situation—actually can suffice to threaten life [Ban03]. Although most vehicular applications are developed to face (random) technical failures, they almost never consider a human malicious encroachment. Hence, many vehicular IT systems are susceptible to security issues and hence, can quickly become also safety-critical.
This work describes how to identify the individual security objectives of all entities involved in a typical vehicular IT application. It describes how to deduce the corresponding security requirements that fulfill the security objectives identified before. Finally, this work indicates some helpful vantages and several constraints characteristical when establishing IT security in the automotive domain.
- Citation
- BibTeX
Wolf, M. & Paar, C.,
(2008).
Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects.
In:
Alkassar, A. & Siekmann, J.
(Hrsg.),
SICHERHEIT 2008 – Sicherheit, Schutz und Zuverlässigkeit. Beiträge der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI).
Bonn:
Gesellschaft für Informatik e. V..
(S. 485-498).
@inproceedings{mci/Wolf2008,
author = {Wolf, Marko AND Paar, Christof},
title = {Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects},
booktitle = {SICHERHEIT 2008 – Sicherheit, Schutz und Zuverlässigkeit. Beiträge der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI)},
year = {2008},
editor = {Alkassar, Ammar AND Siekmann, Jörg} ,
pages = { 485-498 },
publisher = {Gesellschaft für Informatik e. V.},
address = {Bonn}
}
author = {Wolf, Marko AND Paar, Christof},
title = {Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects},
booktitle = {SICHERHEIT 2008 – Sicherheit, Schutz und Zuverlässigkeit. Beiträge der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI)},
year = {2008},
editor = {Alkassar, Ammar AND Siekmann, Jörg} ,
pages = { 485-498 },
publisher = {Gesellschaft für Informatik e. V.},
address = {Bonn}
}
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
ISBN: 978-3-88579-222-2
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2008
Language:
(en)

Content Type: Text/Conference Paper