Search Results

As a result of the ever-increasing application of cyber-physical components in the automotive industry, cybersecurity has become an urgent topic. Adapting technologies and communication protocols like Ethernet and WiFi in connected vehicles yields many attack scenarios. Consequently, ISO/SAE 21434 and UN R155 (2021) define a standard and regulatory framework for automotive cybersecurity, Both documents follow a risk management-based approach and require a threat modeling methodology for risk analysis and identification. Such a threat modeling methodology must conform to the Threat Analysis and Risk Assessment (TARA) framework of ISO/SAE 21434. Conversely, existing threat modeling methods enumerate isolated threats disregarding the vehicle’s design and connections. Consequently, they neglect the role of attack paths from a vehicle’s interfaces to its assets.

The automotive domain has seen safety engineering at the forefront of the industry’s priorities for the last decade. Therefore, additional safety engineering efforts, design approaches, and well-established safety processes have been stipulated. Today many connected and automated vehicles are available and connectivity features and information sharing are increasingly used. This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles.

Automotive embedded systems have become very complex, are strongly integrated, and the safety-criticality and real-time constraints of these systems raise new challenges. The OSEK/VDX standard provides an open-ended architecture for distributed real-time capable units in vehicles. This is supported by the OSEK Implementation Language (OIL), a language aiming at specifying the configuration of these real-time operating systems. The challenge, however, is to ensure consistency of the concept constraints and configurations along the entire product development. The contribution of this paper is to bridge the existing gap between model-driven systems engineering and software engineering for automotive real-time operating systems (RTOS). For this purpose a bidirectional tool bridge has been established based on OSEK OIL exchange format files.