Classifying And Analyzing Security Testing Approaches In The Automotive Domain


A technical paper titled “Applying Security Testing Techniques to Automotive Engineering” was published by researchers at University of Innsbruck.


“The openness of modern IT systems and their permanent change make it challenging to keep these systems secure. A combination of regression and security testing called security regression testing, which ensures that changes made to a system do not harm its security, are therefore of high significance and the interest in such approaches has steadily increased. In this article we present a systematic classification of available security regression testing approaches based on a solid study of background and related work to sketch which parts of the research area seem to be well understood and evaluated, and which ones require further research. For this purpose we extract approaches relevant to security regression testing from computer science digital libraries based on a rigorous search and selection strategy. Then, we provide a classification of these according to security regression approach criteria: abstraction level, security issue, regression testing techniques, and tool support, as well as evaluation criteria, for instance evaluated system, maturity of the system, and evaluation measures. From the resulting classification we derive observations with regard to the abstraction level, regression testing techniques, tool support as well as evaluation, and finally identify several potential directions of future research.”

Find the technical paper here. Published September 2023.

Irdin Pekaric, Clemens Sauerwein, Michael Felderer. “Applying Security Testing Techniques to Automotive Engineering.” arXiv:2309.09647v1 (2023)

Related Reading
Curbing Automotive Cybersecurity Attacks
A growing number of standards and regulations within the automotive ecosystem promises to save developments costs by fending off cyberattacks.
Auto Cyberattacks Becoming More Widespread
With no way to know when or where breaches will occur, multiple security measures are required, from HW/SW design to supply chain management.

Leave a Reply

(Note: This name will be displayed publicly)