A Methodology for Integrating Security into the Automotive Development Process

자동차 개발 프로세스에서의 보안 내재화 방법론 (Korean title; literally "A Methodology for Security by Design in the Automotive Development Process")

  • 정승연 (Department of Automotive Convergence, Korea University) ;
  • 강수영 (Department of Information Security, Korea University) ;
  • 김승주 (Department of Cyber Defense / Graduate School of Information Security, Korea University)
  • Received : 2020.06.17
  • Accepted : 2020.08.25
  • Published : 2020.12.31

Abstract

Conventional automotive development has focused mainly on ensuring correctness and functional safety, while security has been comparatively neglected. As vehicles have gained Internet connectivity, however, the number of automotive hacking cases has grown, and international bodies such as the United Nations Economic Commission for Europe (UNECE) are preparing cybersecurity regulations to ensure that security is addressed during vehicle development. As with other IT products, automotive cybersecurity regulation emphasizes "Security by Design", the practice of considering security from the beginning of development. This matters even more for vehicles than for conventional IT products: the automotive lifecycle is long and the supply chain is complex, so changing an architecture after development is very difficult. The problem, however, is that no concrete methodology for applying Security by Design to the automotive development process has yet been proposed. This paper therefore proposes such a methodology. Using it, automotive manufacturers can consider functional safety and security together within the development process, and can also prepare for certification under the forthcoming UNECE automotive cybersecurity regulation.


Acknowledgement

This work was supported by the Institute for Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (Ministry of Science and ICT) in 2020 (No. 2017-0-00184, Development of Self-Learning Cyber Immune Technology).

References

  1. R. Bell, "Introduction to IEC 61508," ACM International Conference Proceeding Series, Vol.162, pp.3-12, 2006.
  2. Amiso M. George, "Japan (Toyota)," in Case studies in crisis communication: International perspectives on hits and misses, Part III, pp.227-252, 1997.
  3. R. Debouk, "Overview of the 2nd Edition of ISO 26262: Functional safety-road vehicles," General Motors Company, Warren, MI, USA, 2018.
  4. Craigen, Dan, Nadia Diakun-Thibault, and Randy Purse., "Defining cybersecurity," Technology Innovation Management Review, Vol.4, No.10, 2014.
  5. J. Mössinger, "Software in automotive systems," IEEE Software, Vol.27, No.2, pp.92-94, 2010. https://doi.org/10.1109/MS.2010.55
  6. C. Miller and C. Valasek. "Remote exploitation of an unaltered passenger vehicle," in Black Hat USA, pp.91, 2015.
  7. Mathias Dehm, Markus Tschersich, "Road Vehicles' Life-Cycle: Mapping of relevant standards and regulations for automotive cybersecurity," in ESCAR Europe, 2019.
  8. H. Khattri, N. K. V. Mangipudi, and S. Mandujano, "HSDL: A security development lifecycle for hardware technologies," 2012 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp.116-121, 2012.
  9. P. Salini and S. Kanmani. "Survey and analysis on security requirements engineering," Computers & Electrical Engineering, Vol.38, No.6, pp.1785-1797, 2012. https://doi.org/10.1016/j.compeleceng.2012.08.008
  10. S. Khou, L. O. Mailloux, J. M. Pecarina, and M. Mcevilley, "A customizable framework for prioritizing systems security engineering processes, activities, and tasks," IEEE Access, Vol.5, pp.12878-12894, 2017. https://doi.org/10.1109/ACCESS.2017.2714979
  11. N. M. Mohammed, M. Niazi, M. Alshayeb, and S. Mahmood, "Exploring software security approaches in software development lifecycle: A systematic mapping study," Computer Standards & Interfaces, Vol.50, pp.107-115, 2017. https://doi.org/10.1016/j.csi.2016.10.001
  12. T. Loruenser, H. C. Pohls, L. Sell, and T. Laenger, "CryptSDLC: Embedding cryptographic engineering into secure software development lifecycle," Proceedings of the 13th International Conference on Availability, Reliability and Security, pp.1-9, 2018.
  13. Ruggieri, Maxwell, Tzu-Tang Hsu, and Md Liakat Ali. "Security Considerations for the Development of Secure Software Systems," 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), pp.1187-1193, 2019.
  14. E. Venson, X. Guo, Z. Yan, and B. Boehm, "Costing Secure Software Development: A Systematic Mapping Study," Proceedings of the 14th International Conference on Availability, Reliability and Security, pp.1-11, 2019.
  15. V. Casola, A. De Benedictis, M. Rak, and U. Villano, "A novel Security-by-Design methodology: Modeling and assessing security by SLAs with a quantitative approach," Journal of Systems and Software, Vol.163, pp.110537, 2020. https://doi.org/10.1016/j.jss.2020.110537
  16. A. Avizienis, J. C. Laprie, B. Randell, and C. Landwehr, "Basic concepts and taxonomy of dependable and secure computing," IEEE Transactions on Dependable and Secure Computing, Vol.1, No.1, pp.11-33, 2004. https://doi.org/10.1109/TDSC.2004.2
  17. A. Michailidis, U. Spieth, T. Ringler, B. Hedenetz, and S. Kowalewski, "Test front loading in early stages of automotive software development based on AUTOSAR," 2010 Design, Automation & Test in Europe Conference & Exhibition (DATE 2010), pp.435-440, 2010.
  18. R. Y. Takahira, L. R. Laraia, F. A. Dias, S. Y. Abraham, P. T. Nascimento, and A. S. Camargo, "Scrum and Embedded Software development for the automotive industry," Proceedings of PICMET'14 Conference: Portland International Center for Management of Engineering and Technology; Infrastructure and Service Integration, pp.2664-2672, 2014.
  19. Young, William, and Nancy G. Leveson. "An integrated approach to safety and security based on systems theory," Communications of the ACM, Vol.57, No.2, pp.31-35, 2014. https://doi.org/10.1145/2556938
  20. S. Kriaa, L. Pietre-Cambacedes, M. Bouissou and Y. Halgand, "A survey of approaches combining safety and security for industrial control systems," Reliability Engineering & System Safety, Vol.139, pp.156-178, 2015. https://doi.org/10.1016/j.ress.2015.02.008
  21. C. Wolff, L. Krawczyk, R. Hottger, C. Brink, U. Lauschner, D. Fruhner, ... and B. Igel, "AMALTHEA-Tailoring tools to projects in automotive software development," 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Vol.2, pp.515-520, 2015.
  22. Schmittner, Christoph, Zhendong Ma, and Erwin Schoitsch. "Combined safety and security development lifecycle," 2015 IEEE 13th International Conference on Industrial Informatics (INDIN), pp.1408-1415, 2015.
  23. Sabaliauskaite, Giedre, Sridhar Adepu, and Aditya Mathur, "A six-step model for safety and security analysis of cyber-physical systems," International Conference on Critical Information Infrastructures Security, pp.189-200, 2016.
  24. Pricop, Emil, Sanda Florentina Mihalache, and Jaouhar Fattahi, "Innovative fuzzy approach on analyzing industrial control systems security," Recent Advances in Systems Safety and Security, pp.223-239, 2016.
  25. M. Brunner, M. Huber, C. Sauerwein, and R. Breu, "Towards an integrated model for safety and security requirements of cyber-physical systems," 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp.334-340, 2017.
  26. Y. Zhang, P. Shi, C. Dong, Y. Liu, X. Shao, and C. Ma, "Test and Evaluation System for Automotive Cybersecurity," 2018 IEEE International Conference on Computational Science and Engineering (CSE), pp.201-207, 2018.
  27. S. Yi, H. Wang, Y. Ma, F. Xie, P. Zhang, and L. Di, "A safety-security assessment approach for communication-based train control (CBTC) systems based on the extended fault tree," 2018 27th International Conference on Computer Communication and Networks (ICCCN), pp.1-5, 2018.
  28. H. Abdo, M. Kaouk, J. M. Flaus, and F. Masse, "A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie- combining new version of attack tree with bowtie analysis," Computers & Security, Vol.72, pp.175-195, 2018. https://doi.org/10.1016/j.cose.2017.09.004
  29. Skoglund, Martin, Fredrik Warg, and Behrooz Sangchoolie, "In Search of Synergies in a Multi-concern Development Lifecycle: Safety and Cybersecurity," International Conference on Computer Safety, Reliability, and Security, pp.302-313, 2018.
  30. T. Chowdhury, E. Lesiuta, K. Rikley, C. W. Lin, E. Kang, B. Kim, ... and A. Wassyng, "Safe and secure automotive over-the-air updates," International Conference on Computer Safety, Reliability, and Security, pp.172-187, 2018.
  31. F. Asplund, J. McDermid, R. Oates, and J. Roberts, "Rapid Integration of CPS Security and Safety," IEEE Embedded Systems Letters, Vol.11, No.4, pp.111-114, 2018. https://doi.org/10.1109/les.2018.2879631
  32. Lisova, Elena, Irfan Sljivo, and Aida Causevic, "Safety and security co-analyses: A systematic literature review," IEEE Systems Journal, Vol.13, No.3, pp.2189-2200, 2018. https://doi.org/10.1109/jsyst.2018.2881017
  33. Geismann, Johannes, Christopher Gerking, and Eric Bodden, "Towards ensuring security by design in cyber-physical systems engineering processes," Proceedings of the 2018 International Conference on Software and System Process, pp.123-127, 2018.
  34. K. Huang, C. Zhou, Y. C. Tian, S. Yang, and Y. Qin, "Assessing the physical impact of cyberattacks on industrial cyber-physical systems," IEEE Transactions on Industrial Electronics, Vol.65, No.10, pp.8153-8162, 2018. https://doi.org/10.1109/tie.2018.2798605
  35. D. S. Fowler, J. Bryans, M. Cheah, P. Wooderson, and S. A. Shaikh, "A Method for Constructing Automotive Cybersecurity Tests, a CAN Fuzz Testing Example," 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp.1-8, 2019.
  36. Oka, Dennis Kengo, Tommi Makila, and Rikke Kuipers, "Integrating Application Security Testing Tools into ALM Tools in the Automotive Industry," 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp.42-45, 2019.
  37. S. Verma, T. Gruber, C. Schmittner, and P. Puschner, "Combined Approach for Safety and Security," International Conference on Computer Safety, Reliability, and Security, pp.87-101, 2019.
  38. Apvrille, Ludovic, and Letitia W. Li, "Harmonizing safety, security and performance requirements in embedded systems," 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp.1631-1636, 2019.
  39. J. Dobaj, C. Schmittner, M. Krisper, and G. Macher, "Towards Integrated Quantitative Security and Safety Risk Assessment," International Conference on Computer Safety, Reliability, and Security, pp.102-116, 2019.
  40. M. Koschuch, W. Sebron, Z. Szalay, A. Torok, H. Tschiurtz, and I. Wahl, "Safety & Security in the Context of Autonomous Driving," 2019 IEEE International Conference on Connected Vehicles and Expo (ICCVE), pp.1-7, 2019.
  41. R. Bramberger, H. Martin, B. Gallina, and C. Schmittner, "Co-engineering of Safety and Security Life Cycles for Engineering of Automotive Systems," ACM SIGAda Ada Letters, Vol.39, No.2, pp.41-48, 2020. https://doi.org/10.1145/3394514.3394519
  42. B. De Win, R. Scandariato, K. Buyens, J. Gregoire, and W. Joosen, "On the secure software development process: CLASP, SDL and Touchpoints compared," Information and Software Technology, Vol.51, No.7, pp.1152-1171, 2009. https://doi.org/10.1016/j.infsof.2008.01.010
  43. Microsoft, "Security Development Lifecycle - SDL Process Guidance," Ver.5.2, 2012.
  44. NIST, "NIST SP 800-64 - Security Considerations in the System Development Life Cycle," Rev.2, 2008 (withdrawn 2019).
  45. OWASP, Comprehensive, lightweight application security process [Internet], http://www.owasp.org, 2006.
  46. SAE Vehicle Electrical System Security Committee, "SAE J3061 - Cybersecurity Guidebook for Cyber-Physical Vehicle Systems," SAE International, 2016.
  47. Schmittner, Christoph, and Georg Macher, "Automotive Cybersecurity Standards-Relation and Overview," International Conference on Computer Safety, Reliability, and Security, pp.153-165, 2019.
  48. UNECE, "Draft Cyber Security Regulation," final clean version, 2020.
  49. H. Hunjan, "ISO/SAE 21434 Automotive Cyber-Security Engineering," Presentation, Renesas Electronics Ltd., 2018.
  50. Blyler, John, "Software-Hardware Integration in Automotive Product Development," SAE, pp.i-v, 2014.
  51. LDRA, "Build Security Into The Connected Car Development Life Cycle" [Internet], https://ldra.com/buildsecurityconnected-car-development-life-cycle/, 2017.
  52. E. Schoitsch, C. Schmittner, Z. Ma, and T. Gruber, "The need for safety and cyber-security co-engineering and standardization for highly automated automotive vehicles," Advanced Microsystems for Automotive Applications 2015, pp.251-261, 2016.
  53. Sabaliauskaite, Giedre, and Aditya P. Mathur, "Aligning cyber-physical system safety and security," Complex Systems Design & Management Asia, pp.41-53, 2015.
  54. Synopsys, What is ASIL? [Internet], https://www.synopsys.com/automotive/what-is-asil.html
  55. Schmittner, Christoph, and Zhendong Ma, "Towards a framework for alignment between automotive safety and security standards," International Conference on Computer Safety, Reliability, and Security, pp.133-143, 2014.
  56. Miller, Joseph D, "Automotive System Safety: Critical Considerations for Engineering and Effective Management," John Wiley & Sons, 2019.
  57. Mellado, Daniel, Eduardo Fernandez-Medina, and Mario Piattini, "A common criteria based security requirements engineering process for the development of secure information systems," Computer Standards & Interfaces, Vol.29, No.2, pp.244-253, 2007. https://doi.org/10.1016/j.csi.2006.04.002
  58. Yin, Lei, and Fang-Liang Qiu, "A novel method of security requirements development integrated common criteria," 2010 International Conference On Computer Design and Applications, Vol.5, pp.V5-531, 2010.
  59. D. Mellado, C. Blanco, L. E. Sanchez, and E. Fernandez-Medina, "A systematic review of security requirements engineering," Computer Standards & Interfaces, Vol.32, No.4, pp.153-165, 2010. https://doi.org/10.1016/j.csi.2010.01.006
  60. S. H. Houmb, S. Islam, E. Knauss, J. Jurjens, and K. Schneider, "Eliciting security requirements and tracing them to design: An integration of Common Criteria, heuristics, and UMLsec," Requirements Engineering, Vol.15, No.1 pp.63-93, 2010. https://doi.org/10.1007/s00766-009-0093-9
  61. Mesquida, Antoni Lluis, and Antonia Mas, "Implementing information security best practices on software lifecycle processes: The ISO/IEC 15504 Security Extension," Computers & Security, Vol.48, pp.19-34, 2015. https://doi.org/10.1016/j.cose.2014.09.003
  62. H. Li, X. Li, J. Hao, G. Xu, Z. Feng, and X. Xie, "Fesr: A framework for eliciting security requirements based on integration of common criteria and weakness detection formal model," 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp.352-363, 2017.
  63. Barafort, Beatrix, Antoni-Lluis Mesquida, and Antonia Mas, "Integrating risk management in IT settings from ISO standards and management systems perspectives," Computer Standards & Interfaces, Vol.54, pp.176-185, 2017. https://doi.org/10.1016/j.csi.2016.11.010
  64. Barafort, Beatrix, Antoni-Lluis Mesquida, and Antonia Mas, "Integrated risk management process assessment model for IT organizations based on ISO 31000 in an ISO multistandards context," Computer Standards & Interfaces, Vol.60, pp.57-66, 2018. https://doi.org/10.1016/j.csi.2018.04.010
  65. Lee, Younghwa, Jintae Lee, and Zoonky Lee, "Integrating software lifecycle process standards with security engineering," Computers & Security, Vol.21, No.4, pp.345-355, 2002. https://doi.org/10.1016/S0167-4048(02)00413-3
  66. D. Horie, T. Kasahara, Y. Goto, and J. Cheng, "A new model of software life cycle processes for consistent design, development, management, and maintenance of secure information systems,"2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, pp.897-902, 2009.
  67. Amara, Naseer, Zhiqui Huang, and Awais Ali, "Modelling Security Requirements for Software Development with Common Criteria," International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp.78-88, 2019.
  68. MISRA, MISRA C [Internet], https://www.misra.org.uk/