thesis

Security modeling and automatic code generation in AUTOSAR

Abstract

Because software is increasingly widespread in automotive systems, security is becoming increasingly important and should be taken into account from the early stages of software development. The AUTomotive Open System ARchitecture (AUTOSAR) standard, an open industry standard for automotive software architecture, covers many aspects of automotive software modeling and development, security aspects included. This thesis proposes an extension of the security modeling concepts available in AUTOSAR. The proposed extension lets developers add security requirements (confidentiality and/or integrity) to a communication link at the functional level. These requirements are made available as attributes and can be used to annotate the high-level system specification. We have also developed a tool that automates some of the steps developers have to follow in order to use specific AUTOSAR security services. The tool automatically adds the required security elements to the AUTOSAR XML (ARXML) file, the main file format used in AUTOSAR to describe a system. The security elements are added within new software components or within the existing components, based on the specifications provided by the developers within the ARXML file. The security requirements are then fulfilled by using the services provided by the AUTOSAR standard. The tool has been applied to an AUTOSAR use case, namely the front light management system.
