- AutorIn
- M.Sc. Christine Jakobs
- Titel
- Optimizing the Automotive Security Development Process in Early Process Design Phases
- Zitierfähige Url:
- https://nbn-resolving.org/urn:nbn:de:bsz:ch1-qucosa2-861067
- Datum der Einreichung
- 05.12.2022
- Datum der Verteidigung
- 20.06.2023
- ISBN
- 978-3-96100-190-3
- DOI
- https://doi.org/10.51382/978-3-96100-190-3
- Abstract (EN)
- Security is a relatively new topic in the automotive industry. In the former days, the only security defense methods were the engine immobilizer and the anti-theft alarm system. The rising connection of vehicles to external networks made it necessary to extend the security effort by introducing security development processes. These processes include, amongothers, risk analysis and treatment steps. In parallel, the development of ISO/SAE 21434 and UN-ECE No. R155 started. The long development cycles in the automotive industry made it necessary to align the development processes' early designs with the standards' draft releases. This work aims to design a new consistent, complete and efficient security development process, aligned with the normative references. The resulting development process design aligns with the overall development methodology of the underlying, evaluated development process. Use cases serve as a basis for evaluating improvements and the method designs. This work concentrates on the left leg of the V-Model. Nevertheless, future work targets extensions for a holistic development approach for safety and security.
- Freie Schlagwörter (EN)
- Automotive Systems, Dependability, Security, Development Process
- Klassifikation (DDC)
- 000
- Normschlagwörter (GND)
- Informationssicherheit, Kraftfahrzeugindustrie, Entwicklung
- GutachterIn
- Prof. Dr. Matthias Werner
- Prof. Dr. Peter Tröger
- Dr. Karsten Schmidt
- BetreuerIn Hochschule / Universität
- Prof. Dr. Matthias Werner
- Verlag
- Universitätsverlag Chemnitz, Chemnitz
- Den akademischen Grad verleihende / prüfende Institution
- Technische Universität Chemnitz, Chemnitz
- Version / Begutachtungsstatus
- publizierte Version / Verlagsversion
- URN Qucosa
- urn:nbn:de:bsz:ch1-qucosa2-861067
- Veröffentlichungsdatum Qucosa
- 02.08.2023
- Dokumenttyp
- Dissertation
- Sprache des Dokumentes
- Englisch
- Lizenz / Rechtehinweis
- CC BY-SA 4.0
- Inhaltsverzeichnis
I. Foundation 1. Introduction 2. Automotive Development 3. Methodology II. Meta-Functional Aspects 4. Dependability as an Umbrella-Term 5. Security Taxonomy 6. Terms and Definitions III. Security Development Process Design 7. Security Relevance Evaluation 8. Function-oriented Security Risk Analysis 9. Security Risk Analysis on System Level 10. Risk Treatment IV. Use Cases and Evaluation 11. Evaluation Criteria 12. Use Case: Security Relevance Evaluation 13. Use Case: Function-oriented Security Risk Analysis 14. Use Case: System Security Risk Analysis 15. Use Case: Risk Treatment V. Closing 16. Discussion 17. Conclusion 18. Future Work Appendix A. Attacker Model Categories and Rating Appendix B. Basic Threat Classes for System SRA Appendix C. Categories of Defense Method Properties