Operating Systems Group
Operating Systems Group
Professur Betriebssysteme

Optimizing the Automotive Security Development Process in Early Process Design Phases

Bild: FAU/Audi

Security is a relatively new topic in the automotive industry. In the former days, the only security defense methods were the engine immobilizer and the anti-theft alarm system. The rising connection of vehicles to external networks made it necessary to extend the security effort by introducing security development processes. These processes include, among others, risk analysis and treatment steps. In parallel, the development of ISO/SAE 21434 and UNECE No. R155 started. The long development cycles in the automotive industry made it necessary to align the development processes’ early designs with the standards’ draft releases.

This project aims to design a new consistent, complete, and efficient security development process aligned with the normative references. The resulting development process design aligns with the overall development methodology of the underlying, evaluated development process. Use cases serve as a basis for evaluating improvements and the method designs. This work concentrates on the left leg of the V-Model. Nevertheless, future work targets extensions for a holistic development approach for safety and security.

Publications

    2023

  1. Christine Jakobs, "Security-Entwicklung in modernen Fahrzeugen", 2023
     
    @misc{Ja:Security:2023,
    title = {{Security-Entwicklung in modernen Fahrzeugen}},
    author = {Christine Jakobs},
    year = {2023},
    month = mar,
    day = {11},
    location = {Chemnitz, Germany},
    keywords = {secdev},
    howpublished = {Talk at the Chemnitzer LinuxTage}
  2. Christine Jakobs, "Revisiting the Laprie Model Regarding Security from an Industrial Perspective", 2023
     
    @misc{Ja:Revisiting:2023,
    title = {{Revisiting the Laprie Model Regarding Security from an Industrial Perspective}},
    author = {Christine Jakobs},
    year = {2023},
    month = mar,
    day = {06},
    location = {Dresden, Germany},
    keywords = {secdev},
    howpublished = {Talk at the meeting of section operating systems of GI}


    3. 2022

  3. Christine Jakobs, Matthias Werner, Karsten Schmidt, Gerhard Hansch, "Heuristic Risk Treatment for ISO/SAE 21434 Development Projects", in 2022 17th Conference on Computer Science and Intelligence Systems (FedCSIS), 653-662, 2022 
    @INPROCEEDINGS{Jakobs:Heuristic:2022,
    author={Christine Jakobs and Matthias Werner and Karsten Schmidt and Gerhard Hansch},
    booktitle={2022 17th Conference on Computer Science and Intelligence Systems (FedCSIS)},
    title={Heuristic Risk Treatment for ISO/SAE 21434 Development Projects},
    year={2022},
    volume={},
    number={},
    pages={653-662},
    doi={10.15439/2022F136},
    keywords = {secdev}
  4. Christine Jakobs, Billy Naumann, Matthias Werner, Karsten Schmidt, Jörn Eichler, Holger Helskamp, "Streamlining Security Relevance Analysis According to ISO 21434", in Proceedings of the 5th International Conference on Networking, Information Systems and Security, 2022 
    @InProceedings{Ja:NISS:2022,
    author = {{Christine Jakobs and Billy Naumann and Matthias Werner and Karsten Schmidt and Jörn Eichler and Holger Helskamp}},
    title = {Streamlining Security Relevance Analysis According to ISO 21434},
    year = {2022},
    month = mar,
    booktitle = {Proceedings of the 5th International Conference on Networking, Information Systems and Security},
    note = {to appear},
    keywords = {secdev}


    5. 2021

  5. Christine Jakobs, Matthias Werner, Karsten Schmidt, Gerhard Hansch, "Following the White Rabbit: Integrity Verification Based on Risk Analysis Results", in Computer Science in Cars Symposium, 2021 
    @inproceedings{Ja:Rabbit:2021,
    author = {Christine Jakobs and Matthias Werner and Karsten Schmidt and Gerhard Hansch},
    title = {Following the White Rabbit: Integrity Verification Based on Risk Analysis Results},
    year = {2021},
    isbn = {9781450391399},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3488904.3493377},
    doi = {10.1145/3488904.3493377},
    booktitle = {Computer Science in Cars Symposium},
    articleno = {6},
    numpages = {9},
    location = {Ingolstadt, Germany},
    series = {CSCS '21},
    keywords = {secdev}


    6. 2020

  6. Christine Jakobs, Billy Naumann, Matthias Werner, Karsten Schmidt, "Verification of Integrity in Vehicle Architectures", in Proceedings of the 3rd International Conference on Networking, Information Systems & Security, 2020 
    @inproceedings{Jakobs:2020:NISS,
    author = {Christine Jakobs and Billy Naumann and Matthias Werner and Karsten Schmidt},
    title = {Verification of Integrity in Vehicle Architectures},
    year = {2020},
    isbn = {9781450376341},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3386723.3387883},
    doi = {10.1145/3386723.3387883},
    booktitle = {Proceedings of the 3rd International Conference on Networking, Information Systems & Security},
    articleno = {64},
    numpages = {7},
    keywords = {secdev},
    location = {Marrakech, Morocco},
    series = {NISS2020}

Contact