Philipp Zellmer, Lennart Holsten, Richard May, Thomas Leich
Variability-in-Practice Track
Haus der Universität, Schlösslistrasse 5, 3008 Bern, Switzerland | |
7 February 2024, 14:40 CET | |
Richard May | |
Kristof Meixner | |
https://dl.acm.org/doi/10.1145/3634713.3634727 |
Modern cars are becoming increasingly software-driven and interconnected, including new innovative functions, such as over-the-air updates. Such functions are typically based on configurable features, making adequate variability management essential. However, the growing system complexity based on connectivity and variability leads to various risks in the context of cyber security. As a result, legal regulations, such as UNECE No. 155, are constantly being developed, involving guidelines to handle security-critical components within automotive electrics/electronics architectures. In this paper, an overview of current cyber-security challenges in the automotive domain is provided, focusing on their impacts on variability management. We share insights regarding the level of cyber-security relevance, connectivity, regulations, and software maintenance. Additionally, we propose seven practice-oriented strategies tailored to address these challenges, based on our expertise, with the goal of handling variability and increasing software quality. With our findings, we aim to guide researchers and practitioners dealing with the complexities of cyber security and variability in both the automotive and other cyber-physical domains.