This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Cybersecurity by Agile Design
Technical Paper
2023-01-0035
ISSN: 0148-7191, e-ISSN: 2688-3627
Annotation ability available
Sector:
Language:
English
Abstract
ISO/SAE 21434 [1] Final International Standard was released September 2021 to great fanfare and is the most prominent standard in Automotive Cybersecurity. As members of the Joint Working Group (JWG) the authors spent 5 years developing the 84 pages of precise wording acceptable to hundreds of contributors. At the same time the auto industry had been undergoing a metamorphosis probably unmatched in its hundred-year history. A centerpiece of the metamorphosis is the adoption of the Agile development method to meet market demands for time-to-market and flexibility of design. Unfortunately, a strategic decision was made by the JWG to focus ISO/SAE 21434 on the V-Model method.
Agile does not break ISO/SAE 21434. Agile is a framework that can be adapted to suit any process. In the end the goals are the same regardless of development method; security by design must be achieved. This paper will outline the work products of ISO/SAE 21434 and discuss how the work products required by the standard can be achieved using Agile. The application to Agile may require interpreting the standard from another angle, which could involve reordering the sequence of activities and work products, breaking down the acceptable criteria of some work products to allow rapid iterations, and verifications of meta data or intermediate work products. In cybersecurity engineering, Agile has its unique strength compared to the V-model method, as its cyclical nature is better aligned with best practices for Cybersecurity Frameworks.
Authors
Citation
Mazzara, B. and Guo, Y., "Cybersecurity by Agile Design," SAE Technical Paper 2023-01-0035, 2023, https://doi.org/10.4271/2023-01-0035.Also In
References
- ISO/SAE International Road Vehicle Standard 2021
- Sampath , A. 2022 https://www.telematicswire.net/accelerated-automotive-product-development-using-devops/
- Aoyama , M. , and Hayashi , K. A Portfolio-Driven Development Model and Its Management Method of Agile Product Line Engineering Applied to Automotive Software Development 2020 21st International Conference, PROFES 2020 Turin, Italy
- Herlt , A. , Jana , P. , Kellner , M. , Küchler , S. et al. 2022 https://www.mckinsey.com/industries/automotive-and-assembly/our-insights/smartphones-on-wheels-new-rules-for-automotive-product-development
- 2018
- 2005
- Beck , K. , Beedle , M. , Bennekum , A. , Cockburn , A. et al. 2001 https://agilemanifesto.org/
- 2012
- 2023 https://www.scaledagileframework.com/
- NISTIR 8011