Security Risk Management in Autonomous Driving Vehicles: Architecture Perspective

Name
Rando Tõnisson
Abstract
Security risk management is an essential part of any system development, including autonomous driving vehicles. For autonomous driving service providers, it is necessary to know what risks exist in the system and how they could be mitigated. Security risk management methods allow system stakeholders to manage the security risks within their systems. Unfortunately, an accepted standard to carry out security risk management, specifically for autonomous vehicles, is not presented in the reviewed literature.
In this thesis, we propose a method for security risk management in the autonomous driving field, with a focus on the architecture of the car. The proposed method combines two well-known methods: the security risk management (SRM) method to define the asset, risk and risk-treatment related concepts, and the OCTAVE Allegro method for risk impact assessment. Asset, risk and countermeasure findings from reviewed literature were first used to illustrate the proposed security risk management approach. Then, a case study -- a Bolt autonomous vehicle prototype -- was introduced to demonstrate a practical security risk management scenario, validated by experts in autonomous vehicles and security risk management.
The study finds that the combination of SRM and OCTAVE Allegro combines the strong suits of both methods to provide a systematic approach for security risk management in autonomous driving vehicles, useful to the system stakeholders.
Graduation Thesis language
English
Graduation Thesis type
Master - Software Engineering
Supervisor(s)
Raimundas Matulevičius; Abasi-Amefon O. Affia
Defence year
2020
 
PDF Extras