Book Image

Automotive Cybersecurity Engineering Handbook

By : Dr. Ahmad MK Nasser
5 (1)
Book Image

Automotive Cybersecurity Engineering Handbook

5 (1)
By: Dr. Ahmad MK Nasser

Overview of this book

Replete with exciting challenges, automotive cybersecurity is an emerging domain, and cybersecurity is a foundational enabler for current and future connected vehicle features. This book addresses the severe talent shortage faced by the industry in meeting the demand for building cyber-resilient systems by consolidating practical topics on securing automotive systems to help automotive engineers gain a competitive edge. The book begins by exploring present and future automotive vehicle architectures, along with relevant threats and the skills essential to addressing them. You’ll then explore cybersecurity engineering methods, focusing on compliance with existing automotive standards while making the process advantageous. The chapters are designed in a way to help you with both the theory and practice of building secure systems while considering the cost, time, and resource limitations of automotive engineering. The concluding chapters take a practical approach to threat modeling automotive systems and teach you how to implement security controls across different vehicle architecture layers. By the end of this book, you'll have learned effective methods of handling cybersecurity risks in any automotive product, from single libraries to entire vehicle architectures.

Related Content you might be interested in

Current Title:

Small book image
Automotive Cybersecurity Engineering Handbook
Dr. Ahmad MK Nasser
Oct, 2023 | 392 pages
Small book image
Practical Internet of Things Security.
Brian Russell | Drew Van Duren
Nov, 2018 | 382 pages
Small book image
Practical Industrial Internet of Things Security
Sravani Bhattacharjee
Jul, 2018 | 324 pages
Small book image
TLS Cryptography In-Depth
Dr Paul Duplys | Dr Roland Schmitz
Jan, 2024 | 712 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1:Understanding the Cybersecurity Relevance of the Vehicle Electrical Architecture
Part 1:Understanding the Cybersecurity Relevance of the Vehicle Electrical Architecture
Free Chapter
2
Chapter 1: Introducing the Vehicle Electrical/Electronic Architecture
Chapter 1: Introducing the Vehicle Electrical/Electronic Architecture
Overview of the basic building blocks of the E/E architecture
Electronic control units
ECU domains
Exploring the in-vehicle network
Sensors and actuators
Exploring the vehicle architecture types
Summary
Answers to discussion points
Further reading
3
Chapter 2: Cybersecurity Basics for Automotive Use Cases
Chapter 2: Cybersecurity Basics for Automotive Use Cases
Exploring the attack classes
Identifying security objectives
Cryptography applied to automotive use cases
Security principles
Summary
Further reading
4
Chapter 3: Threat Landscape against Vehicle Components
Chapter 3: Threat Landscape against Vehicle Components
Threats against external vehicle interfaces
Threats against the E/E topology
Threats against in-vehicle networks
Threats against sensors
Common ECU threats
Summary
References
5
Part 2: Understanding the Secure Engineering Development Process
Part 2: Understanding the Secure Engineering Development Process
6
Chapter 4: Exploring the Landscape of Automotive Cybersecurity Standards
Chapter 4: Exploring the Landscape of Automotive Cybersecurity Standards
Primary standards
Secondary standards
Supporting standards and resources
Summary
References
7
Chapter 5: Taking a Deep Dive into ISO/SAE21434
Chapter 5: Taking a Deep Dive into ISO/SAE21434
Notations
At a glance – the ISO 21434 standard
Organizational cybersecurity management
Planning
Acquisition and integration of supplier components
The concept phase
Design and implementation
Verification testing
Validation testing
Product release
Production planning
Operations and maintenance
End of life
Summary
8
Chapter 6: Interactions Between Functional Safety and Cybersecurity
Chapter 6: Interactions Between Functional Safety and Cybersecurity
A tale of two standards
A unified versus integrated approach
Establishing a foundational understanding of functional safety and cybersecurity
Extending the safety and quality supporting processes
Creating synergies in the concept phase
Finding synergies and conflicts in the design phase
Secure coding practices versus safe coding techniques
Synergies and differences in the testing phase
Summary
References
9
Part 3: Executing the Process to Engineer a Secure Automotive Product
Part 3: Executing the Process to Engineer a Secure Automotive Product
10
Chapter 7: A Practical Threat Modeling Approach for Automotive Systems
Chapter 7: A Practical Threat Modeling Approach for Automotive Systems
The fundamentals of performing an effective TARA
Common pitfalls when preparing a TARA
Defining the appropriate TARA scope
The practical approach
Case study using a digital video recorder (DVR)
Summary
References
11
Chapter 8: Vehicle-Level Security Controls
Chapter 8: Vehicle-Level Security Controls
Choosing cybersecurity controls
Vehicle-level versus ECU-level controls
Policy controls
Secure manufacturing
Secure off-board network communication
Host-based intrusion detection
Network intrusion detection and prevention (NIDP)
Domain separation and filtering
Sensor authentication
Secure software updates
In-vehicle network protection
Securing diagnostic abilities
Secure decommissioning
Summary
Further reading
12
Chapter 9: ECU-Level Security Controls
Chapter 9: ECU-Level Security Controls
Understanding control actions and layers
Exploring policy controls
Exploring hardware controls
Exploring software security controls
Exploring physical security controls
Summary
Further reading
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Who this book is for

This book is for automotive engineers and security professionals who are expected to make their systems cyber-resilient through compliance with industry standards (specifically ISO21434 and UNECE REG 155-156). You may have a background in functional safety and are wondering what it means to develop a system that is both safe and secure. You may have a background in developing non-safety-relevant production software and are wondering how to add security-related features. You may also be a person who has a security background and is trying to transition into the automotive domain. Regardless of your background, this book is intended to provide you with a practical approach to automotive cybersecurity engineering that can be applied within a reasonable time frame and effort in a way that leverages your organization’s existing processes.

To ease the understanding of the concepts in this book, you will need to be familiar with basic automotive development processes that are applied through the V-model and basic principles of computer security. By the end of this book, it should be apparent to you why cybersecurity matters for automotive systems, how to integrate cybersecurity engineering with your development process, how to perform cybersecurity engineering activities efficiently within the time and engineering constraints of your system, and how to deploy cybersecurity controls at various layers of the vehicle and the ECU architecture. It is therefore the strategy of this book to demystify cybersecurity for automotive engineering teams and help them find ways to make cybersecurity an integrated property of their systems rather than a burden that must be de-prioritized to push products out of the door.

Previous Section
Next Section