The growing integration of software and connectivity in modern vehicles has elevated cybersecurity to a critical concern in automotive development. As vehicles evolve into complex, connected systems, the electrical and electronic components such as Electronic Control Units (ECUs) and communication networks are increasingly exposed to cyber threats. While existing frameworks like ISO26262 for functional safety and ASPICE for process quality address safety and development rigor, they fall short in adequately addressing cybersecurity vulnerabilities at the component level. To fill this gap, this thesis presents a cybersecurity-focused V-Model that integrates ISO/SAE 21434, the emerging standard for automotive cybersecurity, with the established vehicle development lifecycle. The research provides a structured approach to embedding cybersecurity measures throughout the development process, focusing particularly on tier 1 and tier 2 suppliers responsible for developing security critical components. These suppliers play a crucial role in ensuring that cybersecurity is integrated into the foundational elements of vehicle systems. A key aspect of this research is the application of the proposed V-Model in a use case to demonstrate its applicability in securing ECUs and validating its practical relevance in real-world automotive development. This thesis contributes to a more integrated and secure development process for modern vehicles, addressing the cybersecurity requirements. Future work may extend the model to cover the entire vehicle lifecycle, explore automated tools for cybersecurity integration, and incorporate emerging technologies such as 5G and artificial intelligence, ensuring that the model remains adaptable to future challenges in automotive cybersecurity.
A Structured Approach to Automotive Cybersecurity for Secure Component-Level Development in Compliance with ISO/SAE 21434
Deshpande, S. S. (Author). 2024
Student thesis: Master's Thesis