Secure software engineering for embedded systems
With the support of Fraunhofer IESE, methods and tools for the secure engineering of software for embedded systems were developed for the project partner John Deere.
Last modified:
Modern commercial vehicles contain a considerable amount of software. This includes, for example, highly intelligent engine control systems that take the current work situation into account and balance pollutant emissions against the required performance in order to enable environmentally friendly work processes. Comfort functions rely on the intelligent interaction of several interconnected components within the vehicle to achieve the best possible results. In addition, car-to-car connectivity is increasing, as is car-to-infrastructure connectivity, which is becoming ever more important (e.g., in fleet management).
The communication features available today allow manufacturers to offer their users a wide range of services, including remote diagnostics and maintenance. In addition, features and characteristics of modern commercial vehicles can be realized in software, without physical access to the system being required. Vehicles are thus increasingly becoming interconnected systems, which also attracts the interest of hackers.
Bypassing protective measures to obtain paid features and services can be a goal worth pursuing for such attackers. Dubious providers may even systematically market the circumvention of protective measures, to the detriment of manufacturers and authorized service providers. Another coveted target is the sensitive data that may be exchanged between vehicles and the infrastructure.
The area of embedded systems, in particular, poses new challenges for secure software engineering, since special constraints and conditions have to be taken into account. In particular, requirements with respect to real-time behavior, reliability, and functional safety, as well as hardware constraints, significantly limit the degrees of freedom in the selection and application of quality assurance measures for security. In addition, the effects of security measures on other quality attributes must be taken into account. There is still considerable need for research in this area.
In the first step of the project, methods and practices from the early software engineering phases in particular were examined for their applicability in the special environment of embedded systems for commercial vehicles, because fundamental decisions are made in these phases. Threat modeling, for example, which has proven extremely successful in the field of information systems, is essential here. The usefulness of various techniques used in the realization and testing phases was also investigated. Programming standards, static and dynamic source code analyses, and special test procedures such as fuzz tests are promising approaches for sustainably improving the security of embedded systems.