An Overview of Automotive Service-Oriented Architectures and Implications for Security Countermeasures

New requirements from the customers\u27 and manufacturers\u27 point of view such as adding new software functions during the product life cycle require a transformed architecture design for future vehicles. The paradigm of signal-oriented communication established for many years will increasingly be replaced by service-oriented approaches in order to increase the update and upgrade capability. In this article, we provide an overview of current protocols and communication patterns for automotive architectures based on the service-oriented architecture (SOA) paradigm and compare them with signal-oriented approaches. Resulting challenges and opportunities of SOAs with respect to information security are outlined and discussed. For this purpose, we explain different security countermeasures and present a state of the section of automotive approaches in the fields of firewalls, Intrusion Detection Systems (IDSs) and Identity and Access Management (IAM). Our final discussion is based on an exemplary hybrid architecture (signal- and service-oriented) and examines the adaptation of existing security measures as well as their specific security features

Empowerment in the Context of Transformational Change: A Study of Acquisitions and Privatizations in Eastern Europe

Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.This paper examines conditions under which empowerment (decision autonomy, dialogic leadership) is connected with positive and negative effects, respectively, in regard to managing transformational change in Eastern Europe. Acquisitions by foreign investors in Poland and Russia (N = 45 companies) and privatizations through employee buy-out in Romania (N = 5 companies) are contrasted in this study. It is shown that empowerment within these two variants of transformational change is connected in different ways with success indicators of crisis management. From these findings, we deduce practical consequences for empowerment and transformational change, along with suggestions for future research

iObserve: Integrated Observation and Modeling Techniques to Support Adaptation and Evolution of Software Systems

The goal of iObserve is to develop methods and tools to support evolution and adaptation of long-lived software systems. Future long-living software systems will be engineered using third-party software services and infrastructures. Key challenges for such systems will be caused by dynamic changes of deployment options on cloud platforms. Third-party services and infrastructures are neither owned nor controlled by the users and developers of service-based systems. System users and developers are thus only able to observe third-party services and infrastructures via their interface, but are not able to look into the software and infrastructure that provides those services. In this technical report, we summarize our results of four activities to realize a complete tooling around Kieker, Palladio, and MAMBA, supporting performance and cost prediction, and the evaluation of data privacy in context of geo-locations. Furthermore, the report illustrates our efforts to extend Palladio

Run-time Architecture Models for Dynamic Adaptation and Evolution of Cloud Applications

Cloud applications are subject to continuous change due to modifications of the software application itself and, in particular, its environment. To manage changes, cloud-based systems provide diverse self-adaptation mechanisms based on run-time models. Observed run-time models are means for leveraging self- adaption, however, are hard to apply during software evolution as they are usually too detailed for comprehension by humans.In this paper, we propose iObserve, an approach to cloud-based system adaptation and evolution through run-time observation and continuous quality analysis. With iObserve, run-time adaptation and evolution are two mutual, interwoven activities that influence each other. Central to iObserve is (a) the specification of the correspondence between observation results and design models, and (b) their use in both adaptation and evolution. Run-time observation data is promoted to meaningful values mapped to design models, thereby continuously updating and calibrating those design models during run-time while keeping the models comprehendible by humans. This engineering approach allows for automated adaptation at run-time and simultaneously supports software evolution. Model-driven software engineering is employed for various purposes such as monitoring instrumentation and model transformation. We report on the experimental evaluation of this approach in lab experiments using the CoCoME benchmark deployed on an OpenStack cloud

CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.Comment: Submitted to conferenc