Abstract
The growing number of vehicles moving on roads every day increases the need to protect the safety and security of passengers, pedestrians, and the vehicles themselves. This need is intensified by the pervasive introduction of Information and Communication Technology (ICT) systems into modern vehicles, because it makes such vehicles potentially vulnerable from a security point of view. The convergence of safety and security requirements is one of the main outstanding research challenges in software-intensive systems. This work reviews existing methodologies and solutions addressing security issues in the automotive domain, with a focus on the integration between safety and security aspects. In particular, we identify the main security issues with vehicular communication technologies and the existing gaps between state-of-the-art methodologies and their implementation in the real world. Starting from a literature survey and referring to widely accepted standards of the domain, such as AUTOSAR and ISO 26262, we discuss research challenges and set baselines for a holistic secure-by-design approach that targets safety and security aspects throughout the different phases of the automotive software development process.
Funding
This work has been partially supported by the GAUSS national research project (MIUR, PRIN 2015, Contract 2015KWREMX).
Bertolino, A., Calabro’, A., Di Giandomenico, F. et al. A tour of secure software engineering solutions for connected vehicles. Software Qual J 26, 1223–1256 (2018). https://doi.org/10.1007/s11219-017-9393-3
DOI: https://doi.org/10.1007/s11219-017-9393-3