Status of the Development of ISO/SAE 21434

Schmittner, Christoph; Grießnig, Gerhard; Ma, Zhenliang

doi:10.1007/978-3-319-97925-0_43

Cited by 30 publications

(15 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In SAE J3061, safety and security interaction points were defined to coordinate the two engineering processes. In 2017 development of ISO/SAE 21434 ("Road vehicles − Cybersecurity engineering") [6] has been started as a joint project between ISO and SAE. The goal is to develop a cybersecurity engineering standard for road vehicles that includes requirements for cybersecurity process and a common language for communicating and managing cybersecurity risk among stakeholders based on ISO 26262 and SAE J3061.…”

Section: Background and Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Combined automotive safety and security pattern engineering approach

Martin

Ma²,

Schmittner

et al. 2020

Reliability Engineering & System Safety

View full text Add to dashboard Cite

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane-it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.

show abstract

Section: Background and Related Workmentioning

confidence: 99%

“…For security ISO/SAE 21434 [6] is still in development and SAE J3061 was pushed back to work in progress. We use threat modeling as a well established security analysis method for the automotive domain [28], [29], [30].…”

Section: Application Of the Approachmentioning

confidence: 99%

Combined automotive safety and security pattern engineering approach

Martin

Ma²,

Schmittner

et al. 2020

Reliability Engineering & System Safety

View full text Add to dashboard Cite

show abstract

“…The basis for the development of often safety-critical systems are different standards (e.g. ISO26262 [20], ISO/SAE 21434 [32]). These must be taken into account by the stakeholders involved in the development, which leads to extensive process implementations in the companies participating.…”

Section: Background 21 Automotive Systems Engineeringmentioning

confidence: 99%

“…New tools and methods are needed that make complexity controllable through appropriate abstraction and which support agile development in order to react quickly to changes by the customer or other stakeholders [11]. Moreover, the special emphasis within the automotive industry regarding functional safety [20] and security [32] have to be considered. This makes it necessary to coordinate and document requirements for system behavior in a form that is understandable to all stakeholders [27].…”

Section: Introductionmentioning

confidence: 99%

Scenarios in the loop

Wiecher

Japs

Kaiser

et al. 2020

Proceedings of the 23rd ACM/IEEE International Conference on Model Driven Engineering Languages and Systems: Companion Proceedi

View full text Add to dashboard Cite

The development of safety-relevant systems in the automotive industry requires the definition of high-quality requirements and tests for the coordination and monitoring of development activities in an agile development environment. In this paper we describe a Scenarios in the Loop (SCIL) approach. SCIL combines (1) natural language requirements specification based on Behavior-Driven Development (BDD) with (2) formal and test-driven requirements modeling and analysis, and (3) integrates discipline-specific tools for software and system validation during development. A central element of SCIL is a flexible and executable scenario-based modeling language, the Scenario Modeling Language for Kotlin (SMLK). SMLK allows for an intuitive requirements formalization, and supports engineers to move iteratively, and continuously aided by automated checks, from stakeholder requirements to the validation of the implemented system. We evaluated the approach using a real example from the field of e-mobility. CCS CONCEPTS • Software and its engineering → System modeling languages; Agile software development.

show abstract

“…UNECE regulation is based on the ISO/SAE 21434. ISO/SAE 21434 is an international standard for automotive cybersecurity established by ISO based on SAE J3061 and it will also be published in 2022 [49], [50]. Therefore, we propose Trustworthy Automotive SDLC that covers all the requirements of both UNECE regulation and ISO/SAE 21434.…”

Section: Automotive Cybersecurity Regulation and Standardmentioning

confidence: 99%

Towards Security-by-design in Automotive Development Process

Jeong¹,

Su-Jin²,

S³

2020

Preprint

View full text Add to dashboard Cite

Although traditional automotive development has mainly focused on functional safety, as the number of automotive hacking cases has increased due to the growing Internet connectivity of vehicles, security is also becoming more important. Accordingly, international organizations are preparing regulations to ensure security on automotive development by emphasizing the concept of security-by-design. The problem, however, is that no specific methodology has been suggested. In this paper, we propose specific security-by-design methodology for automotive development based on standards related to security-by-design. With our methodology, automotive manufacturers can consider aspects of trustworthiness, and can also respond to the upcoming cybersecurity regulation.

show abstract

Status of the Development of ISO/SAE 21434

Cited by 30 publications

References 2 publications

Combined automotive safety and security pattern engineering approach

Combined automotive safety and security pattern engineering approach

Scenarios in the loop

Towards Security-by-design in Automotive Development Process

Contact Info

Product

Resources

About