
Cyber Security – Security by Design

Security by design is a principle that has to be followed throughout all development phases, to make sure vulnerabilities are identified in time and to ensure good integration of all security systems and components. First, it shall identify the security objectives and requirements of the ADF. Later, during the design phase, it shall take into account key cybersecurity principles such as defence in depth, the principle of least privilege, disabling of test / debug features and ports, etc. (ENISA, 2019).

Security by design shall be considered at all levels: component level, which can refer to vehicle sensors and actuators and vehicle ECUs; vehicle level, which includes in-vehicle communication networks (e.g. CAN, Ethernet) and communication protocols (e.g. Bluetooth, Wi-Fi); and extended vehicle level, which deals with server communications, also referred to as V2N (Vehicle to Network, e.g. systems which communicate with back-end systems or map data servers), infrastructure communications (e.g. traffic signs) and mobile devices such as smartphones.

Main Question

Is security by design considered in order to minimise the risks / threats and respond appropriately to them once identified?

Sub-Questions

  1. Are security by design measures considered at all levels, from component level up to vehicle level?

References