Summary
In this chapter, we investigated the threats that affect all the layers of the E/E architecture that were introduced in Chapter 1. Doing so has enabled us to understand the full spectrum of threats and attacks that automotive systems must consider. The obvious question that follows the threat and attack enumeration is what security countermeasures are required to mitigate such threats?
It would have been tempting to simply provide a catalog of threats and mitigations. However, in a real vehicle, new threats and attacks are continuously emerging. Addressing those threats requires a systematic engineering approach that provides us with assurances that we not only addressed those threats but we adequately uncovered all the applicable threats and followed a measurable approach to reducing risk to a tolerable level. This is the focus of Part 2 of the book where we address security assurance through a process-driven approach. This is to stress that the problem of automotive cybersecurity...
