Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Automotive Cybersecurity Standards - Relation and Overview

  • Conference paper
  • First Online:
Computer Safety, Reliability, and Security (SAFECOMP 2019)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11699))

Included in the following conference series:

Abstract

Today many connected and automated vehicles are available and connectivity features and information sharing is increasingly used for additional vehicle-, maintenance- and traffic safety features. This highly connected networking also increase the attractiveness of an attack on vehicles and the connected infrastructure by hackers with different motivations and thus introduces new risks for vehicle cybersecurity.

Highly aware of this fact, the automotive industry has therefore taken high efforts in designing and producing safe and secure connected and automated vehicles. Therefore the domain invested efforts in the development of industry standards to tackle automotive cybersecurity issues and protect their assets. The joint working group of the standardization organizations International Organization for Standardization (ISO) and Society of Automotive Engineers (SAE) has recently established and published a committee draft of the “ISO-SAE Approved new Work Item (AWI) 21434 Road Vehicles - Cybersecurity Engineering” standard. In addition to that SAE is also working on a set of cybersecurity guidance, ISO is addressing specific automotive cybersecurity related topics in additional standards and European Telecommunications Standards Institute (ETSI) and International Telecommunication Union (ITU) is working on security topics of connected vehicles. Further activities are national and international regulations on Automotive Cybersecurity. In the course of this document, a review of the available work and ongoing developments is given and the outline of the automotive cybersecurity framework is given. The aim of this work is to provide a position statement for discussion of available standards, methods and recommendations for automotive cybersecurity.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 74.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. National Highway Traffic Safety Administration: Cybersecurity best practices for modern vehicles. Report No. DOT HS 812, 333 (2016)

    Google Scholar 

  2. Automotive iQ: Automotive Cyber Security - Dedicated eBook for the Cyber Security professional (2017). https://www.automotive-iq.com/events-automotive-cyber-security/downloads/complete-automotive-cyber-security-ebook

  3. Comité des constructeurs français d’automobile: Extended Vehicle (ExVe) and Standardisation, May 2019. https://ccfa.fr/dossiers-thematiques/extended-vehicle-exve-and-standardisation. Accessed 13 May 2019

  4. Ebert, C., Jones, C.: Embedded software: facts, figures, and future. IEEE Comput. Soc. 0018–9162(09), 42–52 (2009)

    Article  Google Scholar 

  5. Hunjan, H.: ISO/SAE 21434 automotive cybersecurity engineering, July 2018. http://2pe5rtjld2w41m0dy17n5an1-wpengine.netdna-ssl.com/wp-content/uploads/2018/07/8_Renesas_Automotive-Cyber-Security-Standardistation-v1.0.pdf. Accessed 12 May 2019

  6. IHS Automotive: Automotive Cybersecurity and Connected Car Report (2016)

    Google Scholar 

  7. International Electrotechnical Commission: IEC 62443: Industrial communication networks - network and system security

    Google Scholar 

  8. International Standardization Organization: ISO 27000 series, information technology - security techniques

    Google Scholar 

  9. ISO: ISO 20828 (2006). https://www.iso.org/standard/41891.html?browse=tc. Accessed 13 May 2019

  10. ISO - International Organization for Standardization: ISO 26262 Road vehicles Functional Safety Part 1–10. Technical report, International Organization for Standardization (2011)

    Google Scholar 

  11. ITU: Methodologies for intrusion detection system on in-vehicle systems, February 2019. https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=14395. Accessed 12 May 2019

  12. ITU: Security requirements for vehicle accessible external devices, February 2019. https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=14394. Accessed 12 May 2019

  13. ITU: Security aspects for Intelligent Transport System, May 2019. https://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/q13.aspx. Accessed 12 May 2019

  14. ITU: Security guidelines for the Ethernet-based in-vehicle networks, May 2019. https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=14819. Accessed 13 May 2019

  15. ITU: Security guidelines for V2X communication systems, February 2019. https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=13549. Accessed 12 May 2019

  16. ITU: Security guidelines for vehicular edge computing, February 2019. https://www.itu.int/ITU-T/workprog/wp_item.aspx?isn=14396. Accessed 12 May 2019

  17. ITU-T: Itu-t x.1373secure software update capability for intelligent transportation system communication devices (2017). https://www.itu.int/rec/T-REC-X.1373/en. Accessed 12 May 2019

  18. Krzeszewski, J.T.: ISO 21434 - current status. Recording of a Presentation at the 3rd Vector Automotive Cybersecurity Symposium, April 2019. https://youtu.be/2MaG5D1kLt0?t=760. Accessed 12 May 2019

  19. Macher, G., Armengaud, E., Brenner, E., Kreiner, C.: A review of threat analysis and risk assessment methods in the automotive context. In: Skavhaug, A., Guiochet, J., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9922, pp. 130–141. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45477-1_11

    Chapter  Google Scholar 

  20. Macher, G., Messnarz, R., Armengaud, E., Riel, A., Brenner, E., Kreiner, C.: Integrated safety and security development in the automotive domain. In: SAE Technical Paper. SAE International (2017). http://papers.sae.org/2017-01-1661/

  21. Schmittner, C., Griessnig, G., Ma, Z.: Status of the development of ISO/SAE 21434. In: Larrucea, X., Santamaria, I., O’Connor, R.V., Messnarz, R. (eds.) EuroSPI 2018. CCIS, vol. 896, pp. 504–513. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-97925-0_43

    Chapter  Google Scholar 

  22. Schmittner, C., Ma, Z., Reyes, C., Dillinger, O., Puschner, P.: Using SAE J3061 for automotive security requirement engineering. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9923, pp. 157–170. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45480-1_13

    Chapter  Google Scholar 

  23. Scuro, G.: Automotive industry: innovation driven by electronics (2012). http://embedded-computing.com/articles/automotive-industry-innovation-driven-electronics/

  24. Secretary of TF-CS/OTA UNECE WP29: Draft Recommendation on Cyber Security of the Task Force on Cyber Security and Over-the-air issues of UNECE WP.29 IWG ITS/AD, April 2018. https://wiki.unece.org/pages/viewpage.action?pageId=58524794. Accessed 27 Mar 2019

  25. Secretary of TF-CS/OTA UNECE WP29: Draft Recommendation on Software Updates of the Task Force on Cyber Security and Over-the-air issues of UNECE WP.29 IWG ITS/AD, September 2018. https://www.unece.org/fileadmin/DAM/trans/doc/2018/wp29grva/GRVA-01-18.pdf. Accessed 27 Mar 2019

  26. TC 56: IEC 60812 Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA). Technical report, International Organization for Standardization (2006)

    Google Scholar 

  27. TC 56: IEC 61025 Fault tree analysis (FTA). Technical report, International Organization for Standardization, December 2006

    Google Scholar 

  28. TC 65: IEC 61508 Functional safety of electrical/electronic/programmable electronic safety-related systems. Technical report, International Organization for Standardization

    Google Scholar 

  29. Vehicle Electrical System Security Committee: SAE J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems. Technical report, SAE (2016)

    Google Scholar 

Download references

Acknowledgments

This work is supported by the DRIVES, Afarcloud and the PRYSTINE projects. The Development and Research on Innovative Vocational Educational Skills project (DRIVES) is co-funded by the Erasmus+ Programme of the European Union under the agreement 591988-EPP-1-2017-1-CZ-EPPKA2-SSA-B. Afarcloud and the PRYSTINE are funded under the ECSEL programm by the ECSEL JU and FFG (grant agreement nr 783221 and nr 783190).

Author information

Authors and Affiliations

  1. Austrian Institute of Technology, Vienna, Austria

    Christoph Schmittner

  2. Institute for Technical Informatics, Graz University of Technology, Graz, Austria

    Georg Macher

Authors
  1. Christoph Schmittner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Georg Macher
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Christoph Schmittner .

Editor information

Editors and Affiliations

  1. Newcastle University, Newcastle-upon-Tyne, UK

    Alexander Romanovsky

  2. Åbo Akademi University, Turku, Finland

    Elena Troubitsyna

  3. City, University of London, London, UK

    Ilir Gashi

  4. AIT Austrian Institute of Technology, Vienna, Austria

    Erwin Schoitsch

  5. Thales Deutschland GmbH, Berlin, Germany

    Friedemann Bitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Schmittner, C., Macher, G. (2019). Automotive Cybersecurity Standards - Relation and Overview. In: Romanovsky, A., Troubitsyna, E., Gashi, I., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2019. Lecture Notes in Computer Science(), vol 11699. Springer, Cham. https://doi.org/10.1007/978-3-030-26250-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-26250-1_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-26249-5

  • Online ISBN: 978-3-030-26250-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation