{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,2]],"date-time":"2025-09-02T11:04:13Z","timestamp":1756811053632,"version":"3.37.3"},"reference-count":91,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"Korea Agency for Infrastructure Technology Advancement (KAIA) Grant"},{"DOI":"10.13039\/501100007694","name":"Ministry of Land, Infrastructure and Transport","doi-asserted-by":"publisher","award":["RS-2021-KA162334"],"award-info":[{"award-number":["RS-2021-KA162334"]}],"id":[{"id":"10.13039\/501100007694","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002642","name":"Korea University","doi-asserted-by":"publisher","award":["RS-2021-KA162334"],"award-info":[{"award-number":["RS-2021-KA162334"]}],"id":[{"id":"10.13039\/501100002642","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/access.2024.3426591","type":"journal-article","created":{"date-parts":[[2024,7,11]],"date-time":"2024-07-11T18:08:02Z","timestamp":1720721282000},"page":"135811-135830","source":"Crossref","is-referenced-by-count":2,"title":["Development for High-Assurance Software Update Management System Complying With UN R156"],"prefix":"10.1109","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0780-3629","authenticated-orcid":false,"given":"Jaewan","family":"Seo","sequence":"first","affiliation":[{"name":"School of Cybersecurity, Korea University, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jiwon","family":"Kwak","sequence":"additional","affiliation":[{"name":"School of Cybersecurity, Korea University, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2157-0403","authenticated-orcid":false,"given":"Seungjoo","family":"Kim","sequence":"additional","affiliation":[{"name":"School of Cybersecurity, Korea University, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-99130-6_12"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-71610-7"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.4018\/IJCWT.2020040104"},{"volume-title":"Over-The-Air Updates Moving From Nice to Have to Vital","year":"2024","key":"ref4"},{"key":"ref5","first-page":"1","article-title":"Evaluation of lightweight TPMs for automotive software updates over the air","volume-title":"Proc. Int. Conf. Embedded Secur. Car","author":"Petri"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.18178\/jtle.6.1.11-16"},{"volume-title":"Issues With Federal Motor Vehicle Safety Standards","year":"2017","key":"ref7"},{"volume-title":"GM Recalls 4.3 Million Vehicles Over Air Bag-Related Defect","year":"2024","key":"ref8"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.4271\/2007-01-3523"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/iThings\/GreenCom\/CPSCom\/SmartData.2019.00053"},{"volume-title":"Updating Car ECUs Over-The-Air (FOTA)","year":"2024","key":"ref11"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.4271\/2005-01-0323"},{"volume-title":"Wind River Automotive Solutions Overview","year":"2024","key":"ref13"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107343"},{"volume-title":"In Automotive First, Tesla Pushes Over-the-Air Software Patch","year":"2012","key":"ref15"},{"volume-title":"Teslas Full List of New Features Enabled With Software Updates is a Glimpse At the Future of the Auto Industry","year":"2017","key":"ref16"},{"volume-title":"Implementing Over-the-Air Software Updates for Automotive Applications","year":"2017","key":"ref17"},{"volume-title":"Automotive Over-The-Air Updates: A Cost Consideration Guide","year":"2021","key":"ref18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/WF-IoT.2016.7845430"},{"volume-title":"Toyota Connected MaaS Strategy","year":"2019","key":"ref20"},{"key":"ref21","article-title":"Analysis on current situation and future development trend of vehicle OTA","author":"Xiangyu","year":"2019","journal-title":"Automobile Appl. Technol."},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.2016.7815712"},{"key":"ref23","first-page":"1","volume-title":"Remote Exploitation of an Unaltered Passenger Vehicle","author":"Charlie","year":"2015"},{"key":"ref24","first-page":"22","volume-title":"Free-Fall: Hacking Tesla From Wireless to Can Bus","author":"Sen","year":"2017"},{"key":"ref25","first-page":"3","volume-title":"Roadways to Exploit and Secure Connected BMW Cars","author":"Zhiqiang","year":"2019"},{"volume-title":"OTA Cyber Attacks Targeted by BlackBerry and Airbiquity","year":"2021","key":"ref26"},{"volume-title":"Teen S Tesla Hack Shows How Vulnerable Third-Party Apps May Make Cars","year":"2022","key":"ref27"},{"volume-title":"How to Protect Automotive Over-the-Air (OTA)","year":"2024","key":"ref28"},{"volume-title":"Cybersecurity Guidebook for Cyber-Physical Vehicle Systems","year":"2024","key":"ref29"},{"volume-title":"Road Vehicles\u2014Cybersecurity Engineering","year":"2021","key":"ref30"},{"volume-title":"Cyber Security and Cyber Security Management System","year":"2021","key":"ref31"},{"volume-title":"Software Update and Software Update Management System","year":"2021","key":"ref32"},{"volume-title":"Cybersecurity","year":"2020","key":"ref33"},{"volume-title":"Understanding Threat Modeling and Executive Order 14028","year":"2024","key":"ref34"},{"volume-title":"Understanding the UNECE WP.29 Cybersecurity Regulation (CSMS)","year":"2024","key":"ref35"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9020327"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-76384-8_4"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/2560537"},{"volume-title":"Heavens Healing Vulnerabilities to Enhance Software Security and Safety(Security Models)","year":"2018","key":"ref39"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/3488904.3493378"},{"volume-title":"EVITA Project Homepage","year":"2000","key":"ref41"},{"key":"ref42","article-title":"A systematic approach to a qualified security risk analysis for vehicular IT systems","author":"Marko","year":"2012","journal-title":"Automotive-Safety Security"},{"volume-title":"Methods and Protocols; Part 1: Method and Pro Forma for Threat, Vulnerability, Risk Analysis (TVRA)","year":"2017","key":"ref43"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2015.7266516"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.7873\/DATE.2015.0622"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/2899015.2899018"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.3390\/risks10050091"},{"volume-title":"Security risk analysis approach for on-board vehicle networks","year":"2010","author":"Ruddle","key":"ref48"},{"volume-title":"NASA Langley Formal Methods","year":"2024","key":"ref49"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.1997.635021"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44577-3_10"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2008.923410"},{"volume-title":"What is Abstract Interpretation?","year":"2024","key":"ref53"},{"volume-title":"Static Analysis Using Abstract Interpretation","year":"2024","key":"ref54"},{"key":"ref55","first-page":"20","article-title":"ASTR: From research to industry","volume-title":"Proc. 14th Int. Symp.","author":"David"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/WEIT.2011.34"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/1592434.1592438"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-35746-6_1"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-65306-6_21"},{"key":"ref60","first-page":"1","article-title":"History of interactive theorem proving","volume":"9","author":"John","year":"2014","journal-title":"Computational Logic."},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-22646-9"},{"volume-title":"Road Vehicles\u2014Functional Safety\u2014Part 6: Product Development At the Software Level","year":"2018","key":"ref62"},{"volume-title":"Functional Safety of Electrical\/Electronic\/Programmable Electronic Safety-related Systems\u2014Part 3: Software Requirements","year":"2010","key":"ref63"},{"article-title":"System theoretic approach to cybersecurity risks analysis of passenger autonomous vehicles","year":"2018","author":"Lee","key":"ref64"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2020.103257"},{"key":"ref66","article-title":"Multilayer secure framework for vehicular systems","author":"Hamad","year":"2020","journal-title":"Von der Fakultet fer Elektrotechnik"},{"key":"ref67","article-title":"An STPA-based approach for systematic security analysis of in-vehicle diagnostic and software update systems","author":"Yu","year":"2020","journal-title":"arXiv:2006.09108"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/ICARA51699.2021.9376542"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.5220\/0010431408000808"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1145\/3473714.3473851"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109394"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlamp.2022.100812"},{"volume-title":"Data-Flow Diagram Depth Layers","year":"2000","key":"ref73"},{"volume-title":"Introduction to Microsoft Security Development Lifecycle (SDL) Threat Modeling","year":"2024","key":"ref74"},{"key":"ref75","first-page":"1","article-title":"Two architectural threat analysis techniques compared","volume-title":"Proc. 12th Eur. Conf. Softw. Archit.","author":"Katja"},{"volume-title":"Threat Modeling: Designing for Security","year":"2014","author":"Adam","key":"ref76"},{"article-title":"Efficiency and automation in threat analysis of software systems","year":"2021","author":"Katja","key":"ref77"},{"volume-title":"A Hybrid Approach to Threat Modelling","key":"ref78"},{"issue":"1","key":"ref79","first-page":"124","article-title":"Threat modeling using attack trees","volume":"23","author":"Saini","year":"2008","journal-title":"J. Comput. Sci. Colleges"},{"issue":"1","key":"ref80","first-page":"21","article-title":"Attack trees","volume":"24","author":"Bruce","year":"1999","journal-title":"Dr. Dobbs J."},{"volume-title":"UML Basics: The Component Diagram","key":"ref81"},{"volume-title":"Introduction to the Event-B Modelling Method, Industrial Deployment of System Engineering Methods","year":"2013","author":"Hoan","key":"ref82"},{"article-title":"RODIN deliverable 3.2: Event-B language","year":"2005","author":"Metayer","key":"ref83"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1007\/11916246_18"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45480-1_13"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/MCOMSTD.0001.2100080"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW55150.2022.00041"},{"key":"ref88","first-page":"8","volume-title":"Practical Cybersecurity","author":"Christof","year":"2022"},{"issue":"1","key":"ref89","first-page":"40","article-title":"Efficient implementation of standards for security, safety and UNECE","volume":"15","author":"Christof","year":"2020","journal-title":"ATZ Electronics Worldwide"},{"volume-title":"Ensure a Secure Software Update With UN Regulation","year":"2024","key":"ref90"},{"volume-title":"UNECE Cybersecurity (R155) Regulation for Automotive Suppliers","year":"2024","key":"ref91"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6287639\/10380310\/10595114.pdf?arnumber=10595114","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,2]],"date-time":"2024-10-02T18:34:44Z","timestamp":1727894084000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10595114\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":91,"URL":"https:\/\/doi.org\/10.1109\/access.2024.3426591","relation":{},"ISSN":["2169-3536"],"issn-type":[{"type":"electronic","value":"2169-3536"}],"subject":[],"published":{"date-parts":[[2024]]}}}