Experiences with the automotive SPICE for cybersecurity assessment model and tools

Messnarz, Richard; Ekert, Damjan; Macher, Georg; Much, Alexander; Zehetner, Tobias; Aschbacher, Laura

doi:10.1002/smr.2519

Cited by 5 publications

(6 citation statements)

References 56 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The standard was published in September 2021 and it aims to help organisations identify and mitigate potential cybersecurity risks associated with connected vehicles, autonomous vehicles, and other advanced vehicle technologies. For example, the German Automotive Association requires that all development products, from 2022, must be subject to a security assessment [15] if they involve external interfaces that influence automotive functional behaviours ( on-board communication, diagnostic, etc.). This is to adhere to the requirements from ISO/SAE 2143O and subsequently the UNECE Regulation R155.…”

Section: Tcu and Automotive Otamentioning

confidence: 99%

Addressing automotive cybersecurity risks with an ARM Morello capability-enhanced prototype

Nguyen,

Shaikh,

Kutsal

et al. 2024

Preprint

View full text Add to dashboard Cite

Modern vehicles are equipped with hundreds of ECUs deployed across vehicle networks. Each ECU runs a variety of safety and cyber-critical workloads which is facing an increasingly challenging cybersecurity climate, which is being driven by various factors such as vehicle system complexity, software complexity, supply chain complexity and an increase in wireless interfaces. With these challenges, the automotive sector is a perfect domain for the use of Security-by-Design and secure hardware technologies. In this paper, we demonstrate the application of Security-by-Design and the secure hardware Morello, one of the CHERI implementations, in the design and implementation of Telematic Control Units (TCU), a crucial component of modern vehicles. This results in a generic secure TCU design with well-justified security requirements and an understanding of the risks associated with it. As such, this work paves the way for the systematic integration of secure hardware for cyber-physical systems, of which automotive is just one application.

show abstract

Section: Tcu and Automotive Otamentioning

confidence: 99%

Addressing automotive cybersecurity risks with an ARM Morello capability-enhanced prototype

Nguyen,

Shaikh,

Kutsal

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Furthermore, there are systematic pattern approaches for safety and security co-engineering in the automotive domain, which can open up new opportunities for realizing innovative safety functions (Amorim et al, 2017). Efforts such as the Automotive SPICE for cybersecurity assessment model and tools contribute to continuous improvement in system, software, and services, addressing the challenges faced by the automotive industry (Messnarz et al, 2022).…”

Section: Challenges and Opportunitiesmentioning

confidence: 99%

The evolution of embedded systems in automotive industry: A global review

Sedat Sonko,

Cosmas Dominic Daudu,

Femi Osasona

et al. 2024

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

The automotive industry has undergone a revolutionary transformation with the integration of embedded systems, marking a paradigm shift in vehicle design, performance, and safety. This global review explores the evolution of embedded systems in the automotive sector, encompassing the technological advancements, market trends, and the transformative impact on vehicle functionalities. Over the past few decades, the automotive landscape has witnessed a rapid integration of embedded systems to enhance vehicle intelligence and connectivity. These systems, ranging from Engine Control Units (ECUs) to Advanced Driver Assistance Systems (ADAS), have become pivotal in shaping the modern automotive experience. The review delves into the historical trajectory, starting from the early stages of simple control units to the sophisticated, interconnected systems prevalent in today's vehicles. The adoption of embedded systems has not been uniform across regions, and the review highlights the global trends and regional disparities in implementing these technologies. Different countries and automotive markets have exhibited diverse approaches, influenced by regulatory frameworks, consumer preferences, and the availability of infrastructure. Moreover, the review examines the symbiotic relationship between embedded systems and the emergence of electric and autonomous vehicles. As the automotive industry embraces sustainability and autonomy, embedded systems play a pivotal role in achieving these objectives by optimizing energy consumption, improving safety measures, and enabling seamless communication between vehicles and their environment. The challenges and opportunities associated with the evolution of embedded systems are also scrutinized, including cybersecurity concerns, standardization efforts, and the growing role of artificial intelligence in automotive applications. This comprehensive review contributes to a deeper understanding of the intricate dynamics between embedded systems and the automotive industry, providing valuable insights for researchers, industry professionals, and policymakers navigating the ever-evolving landscape of smart and connected vehicles.

show abstract

“…This work bases on previous innovation-related activities in the EuroSPI (European Systems, Software, Services Process and Product Improvement and Innovation, www.eurospi.net) community which organizes an annual international innovation workshop since 2012 and which was partner in the EU Blueprint project DRIVES (2018)(2019)(2020)(2021)(2022) in which a role of an innovation agent has been developed for the automotive industry in Europe. Also, the EuroSPI community provides an infrastructure for managing assessment systems [29][30][31][32] and TIMS reused this infrastructure and configured it for innovation assessments based on the PAM (Process Assessment Model) for innovation management developed in TIMS.…”

Section: Tims (Training In Innovation Managementmentioning

confidence: 99%

“…This leads to a measurement of a capability level per innovation process and an innovation capability profile. A major task of TIMS therefore was to split ISO 56000 into single processes that can be included in this measurement framework [7,[29][30][31][32][43][44][45].…”

Section: Innovation -Research and Development For Human Economic And ...mentioning

confidence: 99%

See 1 more Smart Citation

Innovation Management System Assessment and Benchmarking

Messnarz,

Aschbacher,

Ekert

et al. 2024

Innovation - Research and Development for Human, Economic and Institutional Growth

Self Cite

View full text Add to dashboard Cite

TIMS (Training in Innovation Management System for Sustainable SMEs) is an EU Erasmus+ project which analyzed the ISO (International Standardisation Organisation) 56000 innovation management system norm parts and configured in 2022 an ISO 56000-based innovation assessment portal. This system allows self-assessment, independent expert assessment, and benchmarking for innovation management. In 2023, a competence matrix and related training materials to support the implementation of ISO 56000 is developed. The ISO 56000-based assessment tool applied ISO 33020 for process capability assessment for ISO 56000 and this allows us to determine the capability of ISO 56000 processes. This paper gives an overview of which processes have been derived from ISO 56000 and how the PAM (Innovation Process Assessment Model) is structured. Since ISO 33020 provides a standard method to determine process attributes and capability level profiles of innovation management system processes, the method also allows a Europe (and worldwide) benchmarking of the capability of innovation management systems. The objective of TIMS is to establish an assessment system and training to roll out ISO 56000 to the European industry. The tools and training materials will be used by universities in lecturing programs and by innovation agents in the industry.

show abstract

Experiences with the automotive SPICE for cybersecurity assessment model and tools

Cited by 5 publications

References 56 publications

Addressing automotive cybersecurity risks with an ARM Morello capability-enhanced prototype

Addressing automotive cybersecurity risks with an ARM Morello capability-enhanced prototype

The evolution of embedded systems in automotive industry: A global review

Innovation Management System Assessment and Benchmarking

Contact Info

Product

Resources

About