Security Patterns for Connected and Automated Automotive Systems†

Abstract

As automotive systems become increasingly sophisticated with numerous onboard features that support extensive inward and outward-facing communication, cybersecurity vulnerabilities are exposed. The relatively recent acknowledgement of automotive cybersecurity challenges has prompted numerous research efforts into developing techniques to handle individual threat vectors, the pathways and threat surfaces by which an attack can be realized. Security design patterns have been developed for many application domains (e.g., enterprise systems, networking systems, and distributed systems), but not much has been explored for automotive systems. This paper introduces a collection of security design patterns targeted for automotive cybersecurity needs. We leverage and extend the de facto standard template used to describe design patterns to include fields specific to the automotive domain and SAE J3061 cybersecurity development guidelines.