2018 IEEE International Conference on Vehicular Electronics and Safety (ICVES) 2018
DOI: 10.1109/icves.2018.8519496
|View full text |Cite
|
Sign up to set email alerts
|

Improving secure coding rules for automotive software by using a vulnerability database

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
4
0

Year Published

2020
2020
2022
2022

Publication Types

Select...
2
1
1

Relationship

0
4

Authors

Journals

citations
Cited by 4 publications
(4 citation statements)
references
References 1 publication
0
4
0
Order By: Relevance
“…Given the lack of knowledge on secure coding, developers tend to search online resources for answers and solutions. However, Kurachi et al [33] and Zhang et al [17] show that these solutions are not always adequate and blind usage of these solutions can lead to additional problems.…”
Section: Related Workmentioning
confidence: 99%
“…Given the lack of knowledge on secure coding, developers tend to search online resources for answers and solutions. However, Kurachi et al [33] and Zhang et al [17] show that these solutions are not always adequate and blind usage of these solutions can lead to additional problems.…”
Section: Related Workmentioning
confidence: 99%
“…This work classifies such programs into the entire product life cycle and outlines their potential for optimization in the various phases of the product development process (e.g., threat and risk analyses, testing, access management). Kurachi et al [32] also highlight the benefit of a vulnerability database to extend the coverage of existing automotive coding rules by the automated migration.…”
Section: Current Practice Within the Automotive Environmentmentioning
confidence: 99%
“…Security experts have determined that many vulnerabilities are caused by a limited number of common software development difficulties. [15][16][17] Some common vulnerabilities affecting the code include insufficient logging and monitoring, sensitive data exposure, injection flaws, using insecure components, cross-site scripting, broken authentication, and access control, security misconfiguration, and insecure deserialization. Various BPs of SSC has also been proposed by researchers and practitioners, such as authentication and password management, cryptography, error handling and logging, communication security, data protection, and use of security standards.…”
Section: Introductionmentioning
confidence: 99%
“…The frequently exploited software vulnerabilities include defects, errors, bugs, and logic flaws. Security experts have determined that many vulnerabilities are caused by a limited number of common software development difficulties 15‐17 . Some common vulnerabilities affecting the code include insufficient logging and monitoring, sensitive data exposure, injection flaws, using insecure components, cross‐site scripting, broken authentication, and access control, security misconfiguration, and insecure deserialization.…”
Section: Introductionmentioning
confidence: 99%