Abstract

The increasing number of Electronic Control Units (ECUs) in today's vehicles and their greater connectivity with the outside environment has made vehicles more vulnerable to security attacks. Integrating security mechanisms in ECUs has become essential, but incurs overheads, which can delay safety-critical task execution and message transfers. In this work, we introduce a methodology to derive security requirements for tasks and messages in automotive systems based on the ISO 26262 standard. We then propose a framework (SEDAN) to increase the security of the system without violating the real-time constraints and security requirements of messages, or ECU utilization limits.