Security Risk Analysis Methodologies for Automotive Systems
Mohamed Abouelnaga, Christine Jakobs
TL;DR
This paper reviews automotive security risk analysis methodologies, focusing on ISO/SAE 21434 standards, and compares various approaches through a use case to aid OEMs in achieving compliance.
Contribution
It summarizes the ISO/SAE 21434 security risk analysis framework and provides a comparative analysis of different approaches using a practical use case.
Findings
ISO/SAE 21434 provides high-level principles for threat analysis and risk assessment.
Comparison of security analysis approaches highlights their strengths and limitations.
Guidelines for OEMs to select suitable security risk analysis methods.
Abstract
Nowadays, systematic security risk analysis plays a vital role in the automotive domain. The demand for advanced driver assistance systems and connectivity of vehicles to the internet makes cyber-security a crucial requirement for vehicle manufacturers. This paper summarizes the risk analysis method stated in the recently released automotive security standard ISO/SAE 21434, which lays the high-level principles for threat analysis and risk assessment (TARA) methods. Following, we introduce a specific use case to compare different security analysis approaches which OEMs can benefit from to achieve compliance with the standard.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSafety Systems Engineering in Autonomy · Information and Cyber Security · Software Testing and Debugging Techniques