Automotive SPICE for Cybersecurity
Automotive SPICE for Cybersecurity in relation to Cybersecurity Management System
2021-11-10
Is the Project Manager Responsible for Providing Resources at all?
2022-02-18

Automotive SPICE for Cybersecurity in a Nutshell

Automotive SPICE for Cybersecurity in a Nutshell

In the last blog, “Automotive SPICE for Cybersecurity in conjunction with a Cybersecurity Management System“, the focus was on regulatory compliance, the standard for cybersecurity published by the International Organization for Standardization (ISO), and the Audit Cybersecurity Management System (ACSMS).

Cybersecurity has many facets. In this article, we want to give a rough overview of the evaluation of cybersecurity risks directly resulting out of the product.

Risk Analysis – Evaluating Threat Scenarios

Attackers on a system are creative and always looking for new ways. How to evaluate the risk of such an attack in the first place?

In Automotive SPICE for Cybersecurity, new processes are introduced. In process MAN.7 “Cybersecurity Risk Management”, the analysis of risks is described in detail.

Initially, threat scenarios are analyzed using a TARA (Threat Analysis and Risk Assessment). Assets (objects worth protecting) are identified first. For example, the receiver of a key remote control. In publicly accessible databases, a wide variety of attack scenarios on cybersecurity properties can be found. This data can then be used to describe threat scenarios. In the following steps, the potential attack paths and their probability, as well as the consequences for stakeholders in the event of a successful attack, are evaluated. Now, the risk for each threat scenario can be determined on stakeholders such as drivers, passengers, pedestrians, car, OEM, etc.

The Risk Treatment Decision describes whether a risk is avoided, reduced, shared or accepted.

Automotive SPICE for Cybersecurity in a nutshell

Cybersecurity Goals and Cybersecurity Requirements

The risk analysis (TARA) from MAN.7 is the starting point for the cybersecurity goals derived in SEC.1. (Concept-level cybersecurity requirements associated with one or more threat scenarios).

“The authenticity of the unlock door command by a given key remote must be guaranteed at all times” would be a concept-level cybersecurity goal.

Creative attacks on this cybersecurity goal cannot be entirely predicted. But system specialists can derive system- and software-level cybersecurity requirements that eliminate or reduce the likelihood of a successful attack on the cybersecurity goal.

Implementation and Verification of Cybersecurity Requirements

Cybersecurity Requirements directly impact system and software requirements. The implementation path follows the same processes described in Automotive SPICE. Software and system testing verifies the software and system requirements.

In contrast, the risk treatment verifications in SEC.3 refer to the Cybersecurity Requirements derived from Threat Scenarios.

Validation of Cybersecurity Goals.

The last step is to validate the cybersecurity objectives in the integrated system (SEC.4). The strategy has to be built in a way that any undetected vulnerabilities are revealed. In our example from above, the goal is to rule out the possibility of the door being locked by a third party.

Conclusion

The new processes in Automotive SPICE for Cybersecurity MAN.7 and SEC.1-4 equip engineering departments with methods to minimize the risks of cyberattacks. However, since attackers can have large budgets and be highly motivated, risks can never be completely eliminated. However, the carefully conducted TARA reveals potential vulnerabilities and their risks. The risk treatment measures derived from TARA increase the time and effort required to breach the cybersecurity goal significantly and make it much more difficult for hackers.

 

intacs™ Training for the Automotive SPICE® for Cybersecurity Model

The new Process Assessment Model (PAM) ” Automotive SPICE® for Cybersecurity ” provides an extension to Automotive SPICE in six new processes. The new course “intacs™ certified Automotive SPICE® Cybersecurity” is meant to prepare assessors for the assessment of the new processes.

Read more about the training

SPICE Booklet with Cybersecurity Model

We have already included the Automotive SPICE for Cybersecurity PAM into our SPICE Booklet

Download SPICE Booklet