- Project group: Bundesministerium für Bildung und Forschung (BMBF); FZI, ERNW, RISA, ENCO
- Project title: Datenbasierte EntwurfsUNterstützung durch kontinuierliches MOnitoring Von SichERheitsvorfällen (UNCOVER)
The secure interaction of functions, systems, and services, together with their monitoring, is essential for the realization and introduction of autonomous vehicles. IT security in networked systems and applications is therefore becoming increasingly important in both development and operation. Vulnerabilities and security gaps may arise during operation, and for autonomous systems in particular, changes during operation are to be expected; these changes can affect both the system itself and its environment. Such continuous changes pose potential risks to IT security and functional safety, which can lead to significant hazards for road users. The established security-by-design approaches should therefore be supplemented by systematic feedback of security incidents into the development phase. Security must always be considered together with the safety of the intended functionality (SOTIF), and the currently emerging standards for security and SOTIF are taken into account.

The goals of the project are:
- to research methods and tools for the systematic and structured recording of security incidents in autonomous driving functions;
- to feed the security incidents and findings from the field back into the development tools;
- to develop a monitoring platform that can identify and localize security-relevant events and takes data protection aspects into account throughout the product life cycle.
An essential component of the project is the development of a flexible monitoring platform for detecting safety- and security-relevant events during operation. It is designed as a framework and provides the technical basis for integrating configurable monitoring mechanisms (so-called templates) into an E/E architecture. These templates are hardware and software modules that detect events relevant to safety and security. They are to be parameterized during the development process and flexibly integrated into various components of the E/E architecture, such as ECUs or vehicle buses.
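The following is an added illustration of the template idea described above, not code from the UNCOVER project. It assumes the monitored bus is CAN (the page only says "vehicle buses"), that templates are plain software detectors configured with parameters at design time, and that the framework binds each template to one bus so that an event can be localized to the bus it was observed on. Bus names, CAN IDs, the rate limit and the traffic are all constructed for the example.

```python
"""Toy monitoring framework: parameterized detection templates bound to vehicle buses."""
from collections import deque
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Frame:
    ts_ms: int     # capture time in milliseconds
    bus: str       # vehicle bus the frame was observed on (constructed names below)
    can_id: int
    data: bytes


@dataclass(frozen=True)
class Event:
    ts_ms: int
    bus: str       # localization: which bus the event came from
    can_id: int
    template: str  # which template fired
    detail: str


class Template:
    """A template is a detector whose parameters are fixed during development."""
    name = "base"

    def observe(self, frame: Frame) -> List[Event]:
        raise NotImplementedError


class RateTemplate(Template):
    """Fires when one CAN ID exceeds max_frames within a sliding window of window_ms."""
    name = "rate"

    def __init__(self, can_id: int, window_ms: int, max_frames: int):
        self.can_id, self.window_ms, self.max_frames = can_id, window_ms, max_frames
        self._seen: deque = deque()  # timestamps of matching frames inside the window

    def observe(self, frame: Frame) -> List[Event]:
        if frame.can_id != self.can_id:
            return []
        self._seen.append(frame.ts_ms)
        while frame.ts_ms - self._seen[0] > self.window_ms:
            self._seen.popleft()
        if len(self._seen) > self.max_frames:
            return [Event(frame.ts_ms, frame.bus, frame.can_id, self.name,
                          f"{len(self._seen)} frames in {self.window_ms} ms (limit {self.max_frames})")]
        return []


class LengthTemplate(Template):
    """Fires when a CAN ID carries a payload length other than the one configured."""
    name = "length"

    def __init__(self, expected_len: Dict[int, int]):
        self.expected_len = expected_len

    def observe(self, frame: Frame) -> List[Event]:
        want = self.expected_len.get(frame.can_id)
        if want is None or len(frame.data) == want:
            return []
        return [Event(frame.ts_ms, frame.bus, frame.can_id, self.name,
                      f"payload {len(frame.data)} bytes, expected {want}")]


class Monitor:
    """Dispatches each frame only to the templates bound to the bus it appeared on."""

    def __init__(self, templates_by_bus: Dict[str, List[Template]]):
        self.templates_by_bus = templates_by_bus

    def run(self, frames: List[Frame]) -> List[Event]:
        events: List[Event] = []
        for f in sorted(frames, key=lambda x: x.ts_ms):
            for t in self.templates_by_bus.get(f.bus, []):
                events.extend(t.observe(f))
        return events


def constructed_traffic() -> List[Frame]:
    """Constructed sample traffic: nominal 10 Hz frames, a flood of the same ID, one malformed frame."""
    pt = "CAN-powertrain"
    frames = [Frame(100 * i, pt, 0x100, bytes(8)) for i in range(10)]            # 0..900 ms nominal
    frames += [Frame(1000 + 10 * i, pt, 0x100, bytes(8)) for i in range(20)]     # 1000..1190 ms flood
    frames += [Frame(500, pt, 0x200, bytes(8)), Frame(1500, pt, 0x200, bytes(4))]  # second one is short
    frames += [Frame(1000 + 10 * i, "CAN-body", 0x100, bytes(8)) for i in range(20)]  # bus without templates
    return frames


def run_demo() -> List[Event]:
    monitor = Monitor({
        "CAN-powertrain": [RateTemplate(0x100, window_ms=1000, max_frames=12),
                           LengthTemplate({0x200: 8})],
    })
    return monitor.run(constructed_traffic())


if __name__ == "__main__":
    for e in run_demo():
        print(f"{e.ts_ms:5d} ms {e.bus} id=0x{e.can_id:03X} [{e.template}] {e.detail}")
```

The same flood on "CAN-body" produces no events because no template is bound to that bus, which is the localization property the platform description calls for; in a real deployment the parameters (window, limit, expected payload lengths) would come from the development process rather than being hard-coded.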