Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects

Abstract

It is not necessary to always present the terrorist attacker that encroaches into another’s ABS as the dramatic example to alert the need for vehicular IT security. It may suffice to imagine some very simple encroachments on in-vehicle communication integrity or on functional availability that could cause a suddenly uncontrolled spattering windshield washer or a malfunctioning door look system that—in the wrong situation—actually can suffice to threaten life [Ban03]. Although most vehicular applications are developed to face (random) technical failures, they almost never consider a human malicious encroachment. Hence, many vehicular IT systems are susceptible to security issues and hence, can quickly become also safety-critical. This work describes how to identify the individual security objectives of all entities involved in a typical vehicular IT application. It describes how to deduce the corresponding security requirements that fulfill the security objectives identified before. Finally, this work indicates some helpful vantages and several constraints characteristical when establishing IT security in the automotive domain.