Title | ||
---|---|---|
Standardizing Security Evaluation Criteria for Connected Vehicles: A Modular Protection Profile |
Abstract | ||
---|---|---|
The so-far most credible approach to Security Evaluation, the Common Criteria standard, relies on a thorough methodology to provide confidence that the security requirements of an IT system are satisfied. Towards that end, a Protection Profile (PP) document gathers carefully all required data and identifies in an implementation-independent way the security requirements of the studied system, referred to as Target of Evaluation (ToE). When the connected vehicles paradigm that integrates a mosaic of third-party modules and interfaces constitutes the ToE, the PP development calls for agile solutions.In this work, we introduce a modular approach to the design of a PP for connected vehicles, as developed in the SAFERtec project. Our starting point is a generic architecture of the Vehicle (V-ITS-S) that helps us identify all involved assets and accordingly introduce a flexible discrimination of the base and associated PP modules as well as their interplay. We discuss the way our modular PP can cope with various V-ITS-S implementation approaches and provide insights on its applicability on a real-world V-ITS-S bench we have developed. The proposed solution can pave the way for devising standardized security assurance arguments towards safer connected driving. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1109/CSCN.2019.8931344 | 2019 IEEE Conference on Standards for Communications and Networking (CSCN) |
Keywords | Field | DocType |
protection profile document,implementation-independent way,security requirements,ToE,connected vehicles,third-party modules,PP development calls,modular approach,V-ITS-S implementation approaches,standardized security assurance arguments,safer connected driving,Security Evaluation Criteria,credible approach,IT system,common criteria standard,modular protection profile,target of evaluation,agile solutions,SAFERtec project,flexible discrimination,V-ITS-S bench | Protection Profile,Architecture,Software engineering,Computer science,Software security assurance,SAFER,Agile software development,Common Criteria,Modular design | Conference |
ISSN | ISBN | Citations |
2644-3244 | 978-1-7281-0865-0 | 0 |
PageRank | References | Authors |
0.34 | 4 | 7 |
Name | Order | Citations | PageRank |
---|---|---|---|
Konstantinos N. Maliatsos | 1 | 0 | 0.34 |
Christos Lyvas | 2 | 1 | 1.70 |
Panagiotis Pantazopoulos | 3 | 0 | 0.34 |
Costas Lambrinoudakis | 4 | 393 | 46.57 |
Athanasios G. Kanatas | 5 | 193 | 30.18 |
Matthieu Gay | 6 | 0 | 0.34 |
Angelos Amditis | 7 | 296 | 41.47 |