Cybersecurity in EV’s: Approach for Systematic Secured SW Development through ISO/SAE 21434 & ASPICE-Reference-Cited by-同舟云学术

Cybersecurity in EV’s: Approach for Systematic Secured SW Development through ISO/SAE 21434 & ASPICE

Published:2023-04-11 Issue: Volume: Page:
ISSN:0148-7191
Container-title:SAE Technical Paper Series
language:
Short-container-title:

Author:

Ambesange Sandeep,Patwekar Ashwin

Abstract

<div class="section abstract"><div class="htmlview paragraph">Cybersecurity (CS) is crucial and significantly important in every product that is connected to the network/internet. At present, society is getting used to a lot of connected devices for multiple day-to-day needs that are as small as controlling the air conditioner (AC) temperature of the house when we are away, to the fully equipped high end modern car which may have 100+ electronic control units (ECU’s) [<span class="xref">1</span>]. Hence making it very important to guarantee that every single connected device shall have cybersecurity measures implemented to ensure the safety of the entire system.</div><div class="htmlview paragraph">Looking into the forecasted worldwide growth in the electric vehicles (EV’s) segment, CS researchers have recently identified several vulnerabilities that exist in EV’s, electric vehicle supply equipment (EVSE) devices, communications to EVs, and upstream services, such as EVSE vendor cloud services, third party systems, and grid operators. The impending impact of attacks on these systems can range from relatively minor local effects to the large-scale national disruptions.</div><div class="htmlview paragraph">Fortunately, for automotive, there are standards that lay down a strong perspective for the safety and security of road vehicles. ISO/SAE 21434:2021 ensures appropriate consideration of the CS for engineering of electrical & electronic (E/E) systems to keep up with state-of-the-art technology and evolving attack methods. One more such standard is Automotive SPICE (ASPICE) that lays down a process assessment model, when used with a proper assessment methodology helps to identify process related risks. Additional processes have been defined in the process reference and assessment model for the CS engineering in order to incorporate the cybersecurity related processes in the ASPICE scope. This paper aims at providing a model & brief overview to establish a correlation between the ASPICE, ISO/SAE 21434 and the ISO 26262 functional safety (FS) standards for development of a secured cybersecurity software with all the considerations that an organization can undertake.</div></div>

Publisher

SAE International

Reference16 articles.

1. Sugunaraj , N. , and Ranganathan , P. Electronic Control Unit (ECU) Identification for Controller Area Networks (CAN) Using Machine Learning 2022 IEEE International Conference on Electro Information Technology (eIT) 2022 1 7 10.1109/eIT53891.2022.9813928

2. Onuma , Y. , Terashima , Y. , and Kiyohara , R. ECU Software Updating in Future Vehicle Networks 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA) 2017 35 40 10.1109/WAINA.2017.45

3. Dadam , S.R. , Zhu , D. , Kumar , V. , Ravi , V. et al. Onboard Cybersecurity Diagnostic System for Connected Vehicles SAE Technical Paper 2021-01-1249 2021 https://doi.org/10.4271/2021-01-1249

4. Balda , J.C. , Mantooth , A. , Blum , R. , and Tenti , P. Cybersecurity and Power Electronics: Addressing the Security Vulnerabilities of the Internet of Things IEEE Power Electronics Magazine 4 4 2017 37 43 10.1109/MPEL.2017.2761422

5. ISO – International Standardization Organization 2018