Search Results

As a result of the ever-increasing application of cyber-physical components in the automotive industry, cybersecurity has become an urgent topic. Adapting technologies and communication protocols like Ethernet and WiFi in connected vehicles yields many attack scenarios. Consequently, ISO/SAE 21434 and UN R155 (2021) define a standard and regulatory framework for automotive cybersecurity, Both documents follow a risk management-based approach and require a threat modeling methodology for risk analysis and identification. Such a threat modeling methodology must conform to the Threat Analysis and Risk Assessment (TARA) framework of ISO/SAE 21434. Conversely, existing threat modeling methods enumerate isolated threats disregarding the vehicle’s design and connections. Consequently, they neglect the role of attack paths from a vehicle’s interfaces to its assets.

A steady increasing share and complexity of automotive software is a huge challenge for quality management during software development and in-use phases. In cases of faults occurring in customer’s use, warranty leads to product recalls which are typically associated with high costs. To avoid software faults efficiently, quality management and enhanced development processes have to be realized by the introduction of specific analysis methods and Key Process/Performance Indicators (KPIs) to enable objective quality evaluations as soon as possible during product development process. The paper introduces an application of specific analysis methods by using KPIs and discusses their potential for automotive software quality improvement. Target is to support quality evaluation and risk-analysis for the release process of automotive software.