Secure Software Engineering in the Automotive Development Process

The challenge: it is difficult to make software secure once it has been programmed

Systems and applications are becoming more and more complex, and more interconnected. This expands the areas in which the systems are susceptible to attacks. Whether it's PC applications, smartphone applications, or devices that are part of the Internet of Things, developing secure software systems will become more and more important for you if you want to increase resistance to attacks. New threats must be handled appropriately at all stages of the development process.

The solution: take into account essential best practices during all stages of software development

The goal of this basic training course is to provide participants with the knowledge and the ability to assess current procedure models, methods and tools that can be used for the systematic development of secure software throughout its entire life cycle. This includes looking at security requirements and learning how to carry out threat analyses. The course also investigates the secure implementation of the software, along with testing of software for security weaknesses. The knowledge obtained from the course is then put to the test in practical workshops. An overview of the research currently done in this field is also provided.

How you can benefit: at a glance

After the seminar, you will be able to...

... take security into account at all stages of software development.
... assess and protect against important threats for secure software.
... avoid, track and eliminate significant security vulnerabilities in software.

 

This seminar will provide you with...

... a comprehensive overview of the procedure for designing and implementing secure software.
... workshops in which you can try out the development of secure software using sample projects.
... interaction with experts and colleagues.

Information Overview

Duration: 2 days in class
Learning objectives:
– Knowing and assessing important current procedure models, methods and tools for the systematic development of secure software throughout its entire life cycle
– Implementing fundamental design tasks for developing secure software
– Avoiding, discovering and eliminating central implementation errors
Target group:
– Software architects and engineers
– Experts and technical (project) managers in development projects
Requirements: Basic knowledge of software engineering: software development processes, requirement analysis, programming in Java or C, software testing
Organized by: Fraunhofer AISEC
Cost: € 1.200

Download our flyer for more information.

– Procedure models, maturity models and standards for the development of secure software
– Risk and requirement analysis
– Workshop requirements: Structural analysis with DFD, threat analysis with STRIDE, risk modeling, specification of requirements
– Secure design: Principles and design patterns
– Secure implementation: Points of attack in the automotive field
– Typical vulnerabilities in implementation and countermeasures
– Implementation workshop: Finding and avoiding programming errors
– Testing protection concepts

Albert Stark

Albert Stark has been a research associate at Fraunhofer AISEC since October 2021. He studied Computer Science at the Technical University of Munich (TUM) and completed his master’s degree in 2021. In his role, Albert is involved in platform security, working on projects that range from large deployments to small embedded devices. He focuses on developing and implementing security solutions to enhance system robustness and protect against emerging cyber threats.

Roman Trentinaglia

Roman Trentinaglia is a research associate in the Safe & Secure IoT Systems department at Fraunhofer IEM. He completed his computer science studies in 2021 at Paderborn University in the field of Security Assurance Cases as Master of Science (M.Sc.). Since June 2021, he has been working in the Requirements Analysis & Design group on projects with partners from the mechanical & plant engineering and automotive industries, among others. One focus of such projects is the early and joint consideration of safety and security (Safety & Security by Design).