Konferenzbeitrag
Security Requirements Engineering in the Automotive Domain: On Specification Procedures and Implementational Aspects
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2008
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Gesellschaft für Informatik e. V.
Zusammenfassung
It is not necessary to always present the terrorist attacker that encroaches into another’s ABS as the dramatic example to alert the need for vehicular IT security. It may suffice to imagine some very simple encroachments on in-vehicle communication integrity or on functional availability that could cause a suddenly uncontrolled spattering windshield washer or a malfunctioning door look system that—in the wrong situation—actually can suffice to threaten life [Ban03]. Although most vehicular applications are developed to face (random) technical failures, they almost never consider a human malicious encroachment. Hence, many vehicular IT systems are susceptible to security issues and hence, can quickly become also safety-critical.
This work describes how to identify the individual security objectives of all entities involved in a typical vehicular IT application. It describes how to deduce the corresponding security requirements that fulfill the security objectives identified before. Finally, this work indicates some helpful vantages and several constraints characteristical when establishing IT security in the automotive domain.