SAM: A Security Abstraction Model for Automotive Software Systems

  • Markus ZoppeltEmail author
  • Ramin Tavakoli KolagariEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11552)


Due to the emergence of (semi-)autonomous vehicles and networked technologies in the automotive domain, the development of secure and reliable vehicles plays an increasingly important role in the protection of road users. Safe and secure road transport is a major societal and political objective, which is substantiated by the concrete goal of the European Commission to “move close to zero fatalities in road transport” (White Paper of the European Commission Roadmap to a Single European Transport Area—Towards a competitive and resource efficient transport system, 2011, page 10.) within the next three decades. One historically often neglected aspect of this objective in automotive system development is security, i.e., freedom from maliciously implemented threats. In the automotive software industry, model-based engineering is the current state of the practice. Instead of integrating security into the entire system development process, it currently tends to be an afterthought. Because of the tight interdependencies and integration of components, the consequences of gaping security flaws are grave. The contribution of this paper is a secure modeling approach enabling the automotive engineer to analyze the software system in the context of industrial model-based engineering in an early phase. The security modeling language specification is presented as a proposed annex to the relevant industry standard EAST-ADL, and therefore offers a common modeling approach for architectural and security aspects. All security extensions are in line with this standard and its meta level, which is shared with AUTOSAR. The security modeling language specification is demonstrated in a small modeling example, along with a formal evaluation which applies the Grounded Theory method to a set of expert interviews, showing that it is comprehensive and embraces even non-standardized pertinent research.


Automotive security Safety and secrurity Security requirements 


  1. 1.
    AUTOSAR: Enabling Continuous Innovations (2018).
  2. 2.
    AUTOSAR AP Release 17–10: Requirements on Security Management for Adaptive Platform.
  3. 3.
    Bißmeyer, N., et al.: PREparing SEcuRe VEhicle-to-X Communication Systems - Deliverable 1.3 - V2X Security Architecture v2 (2014)Google Scholar
  4. 4.
    Blom, H., et al.: EAST-ADL-an architecture description language for automotive software-intensive systems-white paper version 2.1.12. Accessed Jan 2013
  5. 5.
    Chen, M., Qian, Y., Mao, S., Tang, W., Yang, X.: Software-defined mobile networks security. Mob. Netw. Appl. 21(5), 729–743 (2016)CrossRefGoogle Scholar
  6. 6.
    Dalpiaz, F., Paja, E., Giorgini, P.: Security requirements engineering via commitments. In: Socio-technical Aspects in Security and Trust (STAST), pp. 1–8. IEEE (2011).
  7. 7.
    Glaser, B.G., Strauss, A.L., Strutzel, E.: The discovery of grounded theory; strategies for qualitative research. Nurs. Res. 17(4), 364 (1968)CrossRefGoogle Scholar
  8. 8.
    Happel, A., Ebert, C.: Security in vehicle networks of connected cars. In: Bargende, M., Reuss, H.C., Wiedemann, J. (eds.) 15. Internationales Stuttgarter Symposium: Automobil- und Motorentechnik (March), pp. 233–246. Springer, Wiesbaden (2015). Scholar
  9. 9.
    Haskins, C., Forsberg, K., Krueger, M., Walden, D., Hamelin, D.: Systems engineering handbook. In: INCOSE (2006)Google Scholar
  10. 10.
    Henniger, O., Apvrille, L., Fuchs, A., Roudier, Y., Ruddle, A., Weyl, B.: Security requirements for automotive on-board networks. In: 2009 9th International Conference on Intelligent Transport Systems Telecommunications, ITST 2009, pp. 641–646. IEEE (2009).
  11. 11.
    Holm, H., Ekstedt, M., Sommestad, T., Korman, M.: A Manual for the Cyber Security Modeling Language (2014)Google Scholar
  12. 12.
    International Organization for Standardization: Road vehicles - functional safety - Part 2: Management of functional safety. International Organization for Standardization 066(20), 26 (2009)Google Scholar
  13. 13.
    ISO/IEC: ISO/IEC 15408–1:2009 - Evaluation Criteria for IT Security 2009, 64 (2009)Google Scholar
  14. 14.
    Johansson, C., Bucanac, C.: The V-Model. IDE, University Of Karlskrona, Ronneby (1999)Google Scholar
  15. 15.
    Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002). Scholar
  16. 16.
    Lee, J., Bagheri, B., Kao, H.A.: A cyber-physical systems architecture for industry 4.0-based manufacturing systems. Manuf. Lett. 3, 18–23 (2015)CrossRefGoogle Scholar
  17. 17.
    Macher, G., Höller, A., Sporer, H., Armengaud, E., Kreiner, C.: A combined safety-hazards and security-threat analysis method for automotive systems. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 237–250. Springer, Cham (2015). Scholar
  18. 18.
    Mash, C.: Ethernet set to bring about radical shift in how automotive networks are implemented, January 2018.
  19. 19.
    Mell, P., Scarfone, K., Romanosky, S.: A complete guide to the common vulnerability scoring system version 2.0. In: Published by FIRST-Forum of Incident Response and Security Teams, vol. 1, p. 23 (2007)Google Scholar
  20. 20.
    Miller, C., Valasek, C.: A survey of remote automotive attack surfaces. Defcon 22, 1–90 (2014)Google Scholar
  21. 21.
    Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. Int. J. Softw. Eng. Knowl. Eng. 17(02), 285–309 (2007). Scholar
  22. 22.
    Nguyen, P.H., Ali, S., Yue, T.: Model-based security engineering for cyber-physical systems: a systematic mapping study (2017).
  23. 23.
    Palanca, A., Evenchick, E., Maggi, F., Zanero, S.: A stealth, selective, link-layer denial-of-service attack against automotive networks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 185–206. Springer, Cham (2017). Scholar
  24. 24.
    Rao, K.R.M., Pant, D.: A threat risk modeling framework for Geospatial Weather Information System (GWIS): a DREAD based study. Int. J. Adv. Comput. Sci. Appl. 1(3) (2010)Google Scholar
  25. 25.
    Ross, R., McEvilley, M., Carrier Oren, J.: Systems security engineering: considerations for a multidisciplinary approach in the engineering of trustworthy secure systems, vol. 160, November 2016.
  26. 26.
    Sandelin, A., Alkema, W., Engström, P., Wasserman, W.W., Lenhard, B.: JASPAR: an open-access database for eukaryotic transcription factor binding profiles. Nucleic Acids Res. 32(Suppl. 1), D91–D94 (2004)CrossRefGoogle Scholar
  27. 27.
    Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)Google Scholar
  28. 28.
    Smith, C., Francisco, S.: The Car Hacker’s Handbook a Guide for the Penetration Tester About the Contributing Author About the Technical Reviewer (2016)Google Scholar
  29. 29.
    Thing, V.L., Wu, J.: Autonomous vehicle security: a taxonomy of attacks and defences. In: Proceedings - 2016 IEEE International Conference on Internet of Things; IEEE Green Computing and Communications; IEEE Cyber, Physical, and Social Computing; IEEE Smart Data, iThings-GreenCom-CPSCom-Smart Data 2016, pp. 164–170 (2017).
  30. 30.
    Tuohy, S., Glavin, M., Hughes, C., Jones, E., Trivedi, M., Kilmartin, L.: Intra-vehicle networks: a review (2015).
  31. 31.
    Valasek, C., Miller, C.: Adventures in automotive networks and control units. Technical White Paper, vol. 21, p. 99 (2013)Google Scholar
  32. 32.
    Van Tilborg, H.C.A., Jajodia, S.: Encyclopedia of Cryptography and Security. Springer, New York (2014)zbMATHGoogle Scholar
  33. 33.
    Zeng, W., Khalid, M.A., Chowdhury, S.: In-vehicle networks outlook: achievements and challenges. IEEE Commun. Surv. Tutor. 18(3), 1552–1571 (2016). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Nuremberg Institute of TechnologyNurembergGermany

Personalised recommendations