{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T03:24:06Z","timestamp":1760239446894,"version":"build-2065373602"},"reference-count":100,"publisher":"MDPI AG","issue":"11","license":[{"start":{"date-parts":[[2020,11,16]],"date-time":"2020-11-16T00:00:00Z","timestamp":1605484800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>As the intelligent car-networking represents the new direction of the future vehicular development, automotive security plays an increasingly important role in the whole car industry chain. On condition that the accompanying problems of security are proofed, vehicles will provide more convenience while ensuring safety. Security models can be utilized as tools to rationalize the security of the automotive system and represent it in a structured manner. It is essential to improve the knowledge about security models by comparing them besides proposing new methods. This paper aims to give a comprehensive introduction to the topic of security models for the Intelligent Transport System (ITS). A survey of the current methodologies for security modeling is conducted and a classification scheme is subsequently proposed. Furthermore, the existing framework and methods to build automotive security models are broadly examined according to the features of automotive electronic system. A number of fundamental aspects are defined to compare the presented methods in order to comprehend the automotive security modeling in depth.<\/jats:p>","DOI":"10.3390\/fi12110198","type":"journal-article","created":{"date-parts":[[2020,11,16]],"date-time":"2020-11-16T11:04:20Z","timestamp":1605524660000},"page":"198","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["On the Modeling of Automotive Security: A Survey of Methods and Perspectives"],"prefix":"10.3390","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7183-5644","authenticated-orcid":false,"given":"Jingjing","family":"Hao","sequence":"first","affiliation":[{"name":"School of Mechanical Engineering, Tianjin University, Tianjin University Beiyangyuan Campus, No. 135 Yaguan Road, Jinnan District, Tianjin 300350, China"},{"name":"CATARC(Tianjin) Automotive Engineering Research Institute, No. 68, Xianfeng EastRoad, Dongli District, Tianjin 300300, China"}]},{"given":"Guangsheng","family":"Han","sequence":"additional","affiliation":[{"name":"CATARC(Tianjin) Automotive Engineering Research Institute, No. 68, Xianfeng EastRoad, Dongli District, Tianjin 300300, China"}]}],"member":"1968","published-online":{"date-parts":[[2020,11,16]]},"reference":[{"key":"ref_1","first-page":"1","article-title":"State-of-the-art and technical trends of intelligent and connected vehicles","volume":"8","author":"Li","year":"2017","journal-title":"Automot. Saf. Energy"},{"key":"ref_2","unstructured":"Pelkmans, L., Hult\u00e9n, S., Cowan, R., Azkarate, G., and Christidis, A. (2003). Trends in Vehicle and Fuel Technologies: Review of Past Trends, European Science and Technology Observatory."},{"key":"ref_3","unstructured":"Greenback, A. (2016, January 08). The Jeep Hackers Are Back to Prove Car Hacking Can Get much Worse. Available online: https:\/\/www.wired.com\/2016\/08\/jeep-hackers-return-high-speed-steering-acceleration-hacks\/."},{"key":"ref_4","unstructured":"Anderson, R. (2003, January 18\u201319). Electronic safety and security-new challenges for the car industry. Proceedings of the 1st Workshop on Embedded Security in Cars (ESCAR), Bochum, Germany."},{"key":"ref_5","unstructured":"Miller, C., and Valasek, C. (2014, July 01). A Survey of Remote Automotive Attack Surfaces. Available online: https:\/\/ioactive.com\/wp-content\/uploads\/2018\/05\/IOActive_Remote_Attack_Surfaces.pdf."},{"key":"ref_6","unstructured":"Miller, C., and Valasek, C. (2015, August 10). Remote Exploitation of an Unaltered Passenger Vehicle. Available online: https:\/\/ioactive.com\/pdfs\/IOActive_Remote_Car_Hacking.pdf."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., and Shacham, H. (2010, January 16\u201319). Experimental security analysis of a modern automobile. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA.","DOI":"10.1109\/SP.2010.34"},{"key":"ref_8","unstructured":"Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., and Kohno, T. (2011, January 8\u201312). Comprehensive experimental analyses of automotive attack surfaces. Proceedings of the 20th USENIX Conference on Security, San Francisco, CA, USA."},{"key":"ref_9","unstructured":"King, J.D. (2001). Passive Remote Keyless Entry System. (US623,633,3B1), U.S. Patent."},{"key":"ref_10","unstructured":"Francillon, A., Danev, B., and Capkun, S. (2011, January 6\u20139). Relay attacks on passive keyless entry and start systems in modern cars. Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA."},{"key":"ref_11","unstructured":"Verdult, R., Garcia, F.D., and Balasch, J. (2012, January 8\u201310). Gone in 360 seconds: Hijacking with Hitag2. Proceedings of the 21st 5USENIX6 Security Symposium (5USENIX6 Security 12), Bellevue, WA, USA."},{"key":"ref_12","unstructured":"Verdult, R., Garcia, F.D., and Ege, B. (2013, January 14\u201316). Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer. Proceedings of the USENIX Security Symposium, Washington, DC, USA."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/978-3-540-85174-5_12","article-title":"On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme","volume":"Volume 5157","author":"Wagner","year":"2008","journal-title":"Advances in Cryptology-CRYPTO 2008"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1007\/978-3-540-71039-4_6","article-title":"Algebraic and Slide Attacks on KeeLoq","volume":"Volume 5086","author":"Nyberg","year":"2008","journal-title":"Fast Software Encryption"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1007\/978-3-540-87698-4_21","article-title":"Security Threats to Automotive CAN Networks-Practical Examples and Selected Short-Term Countermeasures","volume":"Volume 5219","author":"Harrison","year":"2008","journal-title":"Computer Safety, Reliability, and Security"},{"key":"ref_16","first-page":"993","article-title":"A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN","volume":"16","author":"Woo","year":"2014","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_17","unstructured":"Foster, I.D., Prudhomme, A., Koscher, K., and Savage, S. (2015, January 10\u201311). Fast and Vulnerable: A Story of Telematic Failures. Proceedings of the Workshop on Offensive Technologies (WOOT), Washington, DC, USA."},{"key":"ref_18","unstructured":"Mahaffey, K. (2015, August 05). Hacking a Tesla Model S: What We Found and What We Learned. Available online: https:\/\/blog.lookout.com\/hacking-a-tesla."},{"key":"ref_19","unstructured":"Spill, D., and Bittau, A. (2007, January 6\u201310). BlueSniff: Eve Meets Alice and Bluetooth. Proceedings of the first USENIX workshop on Offensive Technologies (WOOT 07), Berkeley, CA, USA."},{"key":"ref_20","unstructured":"Ground Vehicle Standard J3016_201806 (2018). Taxonomy and Definitions for Terms Related to on-Road Motor Vehicle Automated Driving Systems, SAE International."},{"key":"ref_21","unstructured":"Sommer, F., and Durrwang, J. (2019, April 16). IEEM-HsKA\/AAD: Automotive Attack Database (AAD). Available online: https:\/\/github.com\/IEEM-HsKA\/AAD."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Eykholt, K., Evtimov, I., Fernandes, E., Li, B., Rahmati, A., Xiao, C., Prakash, A., Kohno, T., and Song, D. (2018, April 10). Robust Physical-World Attacks on Deep Learning Models. Available online: http:\/\/arxiv.org\/pdf\/1707.08945v5.","DOI":"10.1109\/CVPR.2018.00175"},{"key":"ref_23","unstructured":"Petit, J., Stottelaar, B., Feiri, M., and Kargl, F. (2015, January 10). Remote attacks on automated vehicles sensors: Experiments on camera and lidar. Proceedings of the Black Hat Europe 2015, Amsterdam, The Netherlands."},{"key":"ref_24","unstructured":"Sitawarin, C., Bhagoji, A.N., Mosenia, A., Chiang, M., and Mittal, P. (2018, May 31). DARTS: Deceiving Autonomous Cars with Toxic Signs. Available online: http:\/\/arxiv.org\/pdf\/1802.06430v3."},{"key":"ref_25","unstructured":"Upstream Security Ltd. (2020, August 13). Smart Mobility Cyber Attacks Repository. Available online: https:\/\/www.upstream.auto\/research\/automotivecybersecurity\/."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Ring, M., D\u00fcrrwang, J., Sommer, F., and Kriesten, R. (2015, January 5\u20137). Survey on vehicular attacks\u2014Building a vulnerability database. Proceedings of the 2015 IEEE International Conference on Vehicular Electronics and Safety (ICVES), Yokohama, Japan.","DOI":"10.1109\/ICVES.2015.7396919"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Sommer, F., D\u00fcrrwang, J., and Kriesten, R. (2019). Survey and Classification of Automotive Security Attacks. Information, 10.","DOI":"10.3390\/info10040148"},{"key":"ref_28","unstructured":"Myagmar, S., Lee, A.J., and Yurcik, W. (2005, January 29). Threat modeling as a basis for security requirements. Proceedings of the IEEE Symposium on Requirements Engineering for Information Security (SREIS), Paris, France."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Lee, E.A. (2008, January 5\u20137). Cyber Physical Systems: Design Challenges. Proceedings of the 11th IEEE Symposium onObject\/Component\/Service-Oriented Real-Time Distributed Computing (ISORC), Orlando, FL, USA.","DOI":"10.1109\/ISORC.2008.25"},{"key":"ref_30","unstructured":"Dykstra, J. (2015). Essential Cybersecurity Science\u2014Build, Test, and Evaluate Secure Systems, O\u2019Reilly. [1st ed.]."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","article-title":"A comparison of security requirements engineering methods","volume":"15","author":"Fabian","year":"2010","journal-title":"Requir. Eng."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"333","DOI":"10.14257\/astl.2016.139.68","article-title":"Threat modeling for automotive security analysis","volume":"139","author":"Ma","year":"2016","journal-title":"Adv. Sci. Technol. Lett."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Verendel, V. (2009, January 8\u201311). Quantified security is a weak hypothesis: A Critical Survey of Results and Assumptions. Proceedings of the 2009 Workshop on New Security Paradigms Workshop, Oxford, UK.","DOI":"10.1145\/1719030.1719036"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"110","DOI":"10.1016\/j.ress.2012.09.011","article-title":"Cross-fertilization between safety and security engineering","volume":"110","author":"Bouissou","year":"2013","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_35","unstructured":"Ross, S.T. (1999). Computer security: A practical definition. Unix System Security Tools, Mcgraw-Hill."},{"key":"ref_36","unstructured":"Tomas, O. (2020, November 11). A Structured Approach to Computer Security. Available online: https:\/\/research.chalmers.se\/en\/publication\/166411."},{"key":"ref_37","unstructured":"(1996). Simson Garfinkel and Gene Spafford, Practical UNIX & Internet Security, O\u2019Reilly. [2nd ed.]."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Zalewski, J., Drager, S., McKeever, W., and Kornecki, A.J. (2013, January 8\u201310). Threat modeling for security assessment in cyberphysical systems. Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop (CSIIRW 13), Oak Ridge, TN, USA.","DOI":"10.1145\/2459976.2459987"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Jonsson, E. (2006, January 20\u201322). Towards an integrated conceptual model of security and dependability. Proceedings of the 1st IEEE International Conference on Availability, Reliability and Security, Vienna, Austria.","DOI":"10.1109\/ARES.2006.138"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"48","DOI":"10.4018\/ijsse.2014100103","article-title":"Evolution of security engineering artifacts: A state of the art survey","volume":"5","author":"Felderer","year":"2014","journal-title":"Int. J. Secur. Softw. Eng."},{"key":"ref_41","unstructured":"Shevchenko, N., Chick, T.A., O\u2019Riordan, P., Scanlon, T.P., and Woody, C. (2018). Threat Modeling: A Summary of Available Methods, SEI Carnegie Mellon University."},{"key":"ref_42","unstructured":"Swiderski, F., and Snyder, W. (2004). Threat Modeling (Microsoft Professional), Microsoft Press."},{"key":"ref_43","unstructured":"Shostack, A. (2008, January 4\u20135). Experiences threat modeling at Microsoft. Proceedings of the Modeling Security Workshop, Lancaster, UK."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s00766-010-0115-7","article-title":"A privacy threat analysis framework supporting the elicitation and fulfillment of privacy requirements","volume":"16","author":"Deng","year":"2011","journal-title":"Requir. Eng."},{"key":"ref_45","unstructured":"LINDDUN (2020, March 26). Privacy Threat Modeling. Available online: https:\/\/distrinet.cs.kuleuven.be\/software\/linddun\/index.php."},{"key":"ref_46","unstructured":"Wuyts, K., and Joosen, W. (2015). Linddun Privacy Threat Modeling: A Tutorial, linddun."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"109","DOI":"10.1145\/1709424.1709457","article-title":"An exploration of the current state of information assurance education","volume":"41","author":"Cooper","year":"2009","journal-title":"ACM SIGCSE Bull."},{"key":"ref_48","unstructured":"Ponikwar, C., Hof, H.J., and Wischhof, L. (2017, January 6). Towards a High-Level Security Model for Decision Making in Autonomous Driving. Proceedings of the ACM Chapters Computer Science in Cars Symposium (CSCS), Munich, Germany."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1109\/MS.2014.85","article-title":"How well do you know your personae non gratae?","volume":"31","year":"2014","journal-title":"IEEE Softw."},{"key":"ref_50","unstructured":"Mead, N., Shull, F., Vennuru, K., and Villadsen, O. (2018). A Hybrid Threat Modeling Method, Carnegie Mellon University."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Tariq, A.M., Brynielsson, J., and Artman, H. (2012, January 22\u201324). Framing the Attacker in Organized Cybercrime. Proceedings of the European Intelligence and Security Informatics Conference (EISIC), Odense, Denmark.","DOI":"10.1109\/EISIC.2012.48"},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","article-title":"Eliciting security requirements with misuse cases","volume":"10","author":"Sindre","year":"2005","journal-title":"Requir. Eng."},{"key":"ref_53","first-page":"1","article-title":"Can we measure security and how?","volume":"1","author":"Zalewski","year":"2013","journal-title":"ACM Int. Conf. Proc. Ser."},{"key":"ref_54","unstructured":"(2020, October 05). Common Vulnerability Scoring System v3.1: Specification Document. Available online: https:\/\/www.first.org\/cvss\/v3.1\/specification-document."},{"key":"ref_55","unstructured":"(2020, October 05). Common Vulnerability Scoring System v3.1: User Guide. Available online: https:\/\/www.first.org\/cvss\/v3.1\/user-guide."},{"key":"ref_56","first-page":"9","article-title":"Attack trees: Modeling security threats","volume":"12","author":"Schneier","year":"1999","journal-title":"Dr. Dobbs J."},{"key":"ref_57","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., and Wing, J. (2002, January 12\u201315). Automated generation and analysis of attack graphs. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA."},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Ellison, R.J., and Linger, R.C. (2001). Attack Modeling for Information Security and Survivability (CMU\/SEI-2001-TN-001), Carnegie Mellon University.","DOI":"10.21236\/ADA387544"},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1109\/32.588541","article-title":"A quantitative model of the security intrusion process based on attacker behavior","volume":"23","author":"Jonsson","year":"1997","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Kornecki, A., Zalewski, J., and Stevenson, W.F. (2011, January 20\u201321). Availability assessment of embedded systems with security vulnerabilities. Proceedings of the 34th Annual IEEE software Engineering Workshop, Limerick, Ireland.","DOI":"10.1109\/SEW.2011.12"},{"key":"ref_61","unstructured":"Madan, B.B., Gogeva-Popstojanova, K., Vaidyanathan, K., and Trivedi, K.S. (2002, January 23\u201326). Modeling and quantification of security attributes of software systems. Proceedings of the International Conference on Dependable Systems and Networks, Bethesda, MD, USA."},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Potteiger, B., Martins, G., and Koutsoukos, X. (2016, January 19\u201321). Software and attack centric integrated threat modeling for quantitative risk assessment. Proceedings of the Symposium and Bootcamp on the Science of Security, Pittsburgh, PA, USA.","DOI":"10.1145\/2898375.2898390"},{"key":"ref_63","unstructured":"PRESERVE Project (2020, October 05). Preparing Secure V2X Communication Systems (PRESERVE). Available online: http:\/\/www.preserveproject.eu\/."},{"key":"ref_64","unstructured":"EVITA Project (2020, October 05). E-safety Vehicle Intrusion Protected Applications (EVITA). Available online: http:\/\/www.evitaproject.org\/."},{"key":"ref_65","unstructured":"OVERSEE Project (2020, October 05). Open Vehicular Secure Platform (OVERSEE). Available online: https:\/\/www.oversee-project.com\/."},{"key":"ref_66","unstructured":"Ur-Rehman, O., Zivic, N., and Ruland, C. (2020, October 05). An Overview of Automotive Security Standards. Available online: http:\/\/docs.mipro-proceedings.com\/iss\/03_iss_5618.pdf."},{"key":"ref_67","unstructured":"SAE J3061 (2016). Cybersecurity Guidebook for Cyber-Physical Vehicle Systems, SAE International."},{"key":"ref_68","unstructured":"ISO\/TR 20078-4 (2019). Road Vehicles\u2014Extended Vehicle (ExVe) \u2018Web Services\u2019, Technical Committee. ISO\/TC 22\/SC 31 Data Communication."},{"key":"ref_69","unstructured":"ISO\/SAE DIS 21434 (2020). Road Vehicles\u2014Cybersecurity Engineering, Technical Committee. ISO\/TC 22\/SC 32 Electrical and Electronic Components and General System Aspects."},{"key":"ref_70","doi-asserted-by":"crossref","unstructured":"Schmittner, C., and Ma, Z. (2018, January 5\u20137). Status of the Development of ISO\/SAE 21434. Proceedings of the 25th European Conference, EuroSPI 2018, Bilbao, Spain.","DOI":"10.1007\/978-3-319-97925-0_43"},{"key":"ref_71","unstructured":"Burkacky, O., Deichmann, J., Klein, B., Pototzky, K., and Scherf, G. (2020). Cybersecurity in Automotive, Mastering the Challenge, McKinsey & Company."},{"key":"ref_72","doi-asserted-by":"crossref","unstructured":"Schmittner, C., and Ma, Z. (2015, January 23\u201325). Towards a framework for alignment between automotive safety and security standards. Proceedings of the 34th International Conference on Computer Safety, Reliability, and Security, Delft, The Netherlands.","DOI":"10.1007\/978-3-319-24249-1_12"},{"key":"ref_73","doi-asserted-by":"crossref","unstructured":"Pekaric, I., Sauerwein, C., and Felderer, M. (2019, January 26\u201329). Applying Security Testing Techniques to Automotive Engineering. Proceedings of the ARES\u201919: 14th International Conference on Availability, Reliability and Security, Canterbury, UK.","DOI":"10.1145\/3339252.3340329"},{"key":"ref_74","doi-asserted-by":"crossref","unstructured":"Schulze, T., M\u00fcller, B., and Meyer, G. (2016). The need for safety and cybersecurity co-engineering and standardization for highly automated automotive vehicles. Advanced Microsystems for Automotive Applications 2015, Springer.","DOI":"10.1007\/978-3-319-20855-8"},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Schmittner, C., Ma, Z., Reyes, C., Dillinger, O., and Puschner, P. (2016, January 20\u201323). Using SAE J3061 for Automotive Security Requirement Engineering. Proceedings of the 35th International Conference on Computer Safety, Reliability, and Security, Trondheim, Norway.","DOI":"10.1007\/978-3-319-45480-1_13"},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Macher, G., Messnarz, R., Armengaud, E., Riel, A., Brenner, E., and Kreiner, C. (2017, January 4\u20136). Integrated Safety and Security Development in the Automotive Domain. Proceedings of the SAE International WCX\u2122 17: SAE World Congress Experience, Detroit, MI, USA.","DOI":"10.4271\/2017-01-1661"},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"D\u00fcrrwang, J., Beckers, K., and Kriesten, R. (2017, January 12\u201315). A Lightweight Threat Analysis Approach Intertwining Safety and Security for the Automotive Domain. Proceedings of the SAFECOMP 2017: 36th International Conference on Computer Safety, Reliability, and Security, Trento, Italy.","DOI":"10.1007\/978-3-319-66266-4_20"},{"key":"ref_78","doi-asserted-by":"crossref","unstructured":"Schmittner, C., Gruber, T., Puschner, P., and Schoitsch, E. (2014, January 10\u201312). Security Application of Failure Mode and Effect Analysis (FMEA). Proceedings of the SAFECOMP 2014: 33rd International Conference on Computer Safety, Reliability, and Security, Florence, Italy.","DOI":"10.1007\/978-3-319-10506-2_21"},{"key":"ref_79","first-page":"347","article-title":"A Combined Process for Elicitation and Analysis of Safety and Security Requirements","volume":"Volume 113","author":"Bider","year":"2012","journal-title":"Enterprise, Business-Process and Information System"},{"key":"ref_80","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1007\/978-3-319-45477-1_11","article-title":"A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context","volume":"Volume 9922","author":"Skavhaug","year":"2016","journal-title":"Computer Safety, Reliability, and Security"},{"key":"ref_81","unstructured":"Eichler, J., and Angermeier, D. (2015, January 21\u201322). Modular risk assessment for the development of secure automotive systems. Proceedings of the 31st VDI\/VW joint conference Automotive Security, Wolfsburg, Germany."},{"key":"ref_82","doi-asserted-by":"crossref","unstructured":"Alberts, C.J., Behrens, S.G., Pethia, R.D., and Wilson, W.R. (1999). Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVESM) Framework, Version 1.0, Carnegie Mellon University.","DOI":"10.21236\/ADA367718"},{"key":"ref_83","unstructured":"European Telecommunication Standards Institute (ETSI) (2017). Intelligent Transport Systems (ITS); Security; Threat, Vulnerability and Risk Analysis (TVRA), ETSI."},{"key":"ref_84","unstructured":"Alastair, R., Benjamin, W., Sajid, I., Roudier, Y., Michael, F., Timo, L., Fuchs, A., Gurgens, S., Henninger, O., and Roland, R. (2009). Deliverable D2.3: Security Requirements for Automotive on-Board Networks Based on Dark-Side Scenarios (EVITA, E-Safety Vehicle Intrusion Protected Applications), East Valley Institute of Technology (EVIT)."},{"key":"ref_85","unstructured":"(2020, October 05). Common Methodology for Information Technology Security Evaluation (CEM v3.1). Available online: https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CCPART1V3.1R5.pdf."},{"key":"ref_86","unstructured":"(2009). ISO\/IEC 15408: Information Technology-Security Techniques-Evaluation Criteria for IT Security, Technical Committee."},{"key":"ref_87","unstructured":"(2018). ISO 26262, Road Vehicles\u2014Functional Safety, Technical Committee."},{"key":"ref_88","first-page":"195","article-title":"A systematic approach to a quantified security risk analysis for vehicular IT systems","volume":"210","author":"Wolf","year":"2012","journal-title":"Automot. Saf. Secur."},{"key":"ref_89","unstructured":"British Standard EN 501261999 (1999). Railway Applications\u2014The Specification and Demonstration of Reliability, Availability, Maintainability, and Safety (RAMS), European Committee for Eiectrotechnical Standardization."},{"key":"ref_90","doi-asserted-by":"crossref","first-page":"360","DOI":"10.1016\/j.cose.2018.04.008","article-title":"Building an automotive security assurance case using systematic security evaluations","volume":"77","author":"Cheah","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_91","unstructured":"Olovsson, T. (2020, October 05). HEAling Vulnerabilities to ENhance Software Security and Safety (HEAVENS) Project. Available online: https:\/\/research.chalmers.se\/en\/project\/5809."},{"key":"ref_92","unstructured":"Islam, M., Sandberg, C., Bokesand, A., Olovsson, T., Brober, H., Kleberger, P., Lautenbach, A., Hansson, A., and Soderberg-Rivkin, A. (2016). P.Kadhirvelan, S. Deliverable D2: Security Models (Version 2.0), Vinnova\/FFI (Fordonsutveckling\/Vehicle Development)."},{"key":"ref_93","doi-asserted-by":"crossref","unstructured":"Islam, M., Lautenbach, A., Sandberg, C., and Olovsson, T. (2016, January 31). A risk assessment framework for automotive embedded systems. Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security, Xi\u2019an, China.","DOI":"10.1145\/2899015.2899018"},{"key":"ref_94","unstructured":"(2009). Federal Office for Information Security (BSI) Standard 100-4, Information Security Management System (ISMS). Version 1.0."},{"key":"ref_95","unstructured":"Automotive Industry Action Group (AIAG) (2008). Potential Failure Mode and Effects Analysis (FMEA), AIAG. [4th ed.]."},{"key":"ref_96","unstructured":"Federal Office for information security (BSI) (2011). Privacy Impact Assessment Guideline, BSI."},{"key":"ref_97","doi-asserted-by":"crossref","first-page":"516","DOI":"10.4271\/2014-01-0334","article-title":"Adapted development process for security in networked automotive systems","volume":"7","author":"Schmidt","year":"2014","journal-title":"SAE Int. J. Passeng. Cars Electron. Electr. Syst."},{"key":"ref_98","doi-asserted-by":"crossref","unstructured":"Macher, G., Sporer, H., Berlach, R., Armengaud, E., and Kreiner, C. (2015, January 9\u201313). SAHARA: A security-aware hazard and risk analysis method. Proceedings of the Design, Automation Test in Europe Conference Exhibition (DATE), Grenoble, France.","DOI":"10.7873\/DATE.2015.0622"},{"key":"ref_99","doi-asserted-by":"crossref","first-page":"1288","DOI":"10.1016\/j.procs.2016.04.268","article-title":"Threat and risk assessment methodologies in the automotive domain","volume":"83","author":"Macher","year":"2016","journal-title":"Procedia Comput. Sci."},{"key":"ref_100","unstructured":"European Telecommunication Standards Institute (ETSI) (2011). Telecommunications and Internet Converged Services and Protocols for Advanced Networking (TISPAN), ETSI. Methods and Protocols, Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/12\/11\/198\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:33:47Z","timestamp":1760178827000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/12\/11\/198"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,16]]},"references-count":100,"journal-issue":{"issue":"11","published-online":{"date-parts":[[2020,11]]}},"alternative-id":["fi12110198"],"URL":"https:\/\/doi.org\/10.3390\/fi12110198","relation":{},"ISSN":["1999-5903"],"issn-type":[{"type":"electronic","value":"1999-5903"}],"subject":[],"published":{"date-parts":[[2020,11,16]]}}}