When the 26262 club organising committee came together a few months back, we knew that empowering the newest generation of functional safety practitioners is without a doubt high on everyone’s agenda. As the last decades have shown, it is an exciting and ever changing profession that goes hand in hand with the evolution of automotive. We unanimously decided on the spot that proceedings from the upcoming The 26262 Digital Conference would go towards recognising new talent and giving them a small incentive to continue their great work in automotive safety and reliability.
We introduce you to our first winner of the 26262 student award 2021, Sven Grottker, graduate of University of Mannheim. Sven was selected based on his thesis defence within the area of security and functional safety of driver assistance systems. There, the objective was to conduct a threat analysis and risk assessment of attacks manipulating the environment of automated or autonomous vehicles to hamper their behavior.
Sven Grottker: “Already with the beginning of upper school, my passion was computer science, technologies and economics. I have always found it exciting to understand how systems and programs but also organizations work. Thus, it was my wish to study business informatics early on. This wish was further strengthened by a student internship at SAP within an agile development team in 2014. Fortunately, in 2015 I got the chance to study business informatics at the University of Mannheim.
During my studies there, I highly enjoyed the combination of computer science and economics but also IT Security aroused my interest more and more. I completed my studies with writing my bachelor thesis at the chair for Dependable Systems Engineering in the area of distributed ledger technology. Research in this area has been highly interesting due to its novelty and dynamics.
After the bachelor’s degree, I also did my master’s degree at the University of Mannheim. During this time, I specialized on Information Systems and IT Management. As part of this program, I was able to conduct a six-month software development team project with two fellow students at the Institute for Enterprise Systems of the University of Mannheim. There, we developed a tool with which the process of integrating smart home devices into smart home platforms is simplified and partially automated.
In early 2020 I then got the great opportunity to gather further practical and industrial experience as an intern at the BMW Group in Munich for seven months. More precisely, I was able to gain insights into a department in the area of Aftersales Business Management, which tests and releases the integrated Aftersales software network. During this rewarding time, I mainly supported the colleagues in test modularization and automation and in business process modeling. It was a pleasure to connect my passion for technology with the one for the automotive industry.
With the support of Professor Frederik Armknecht of the Chair of Practical Computer Science IV: Dependable Systems Engineering at the University of Mannheim and the BMW Group from early on, I got the great opportunity to continue my journey in the automotive industry. More precisely, I was able to write my master thesis within the area of security and functional safety of driver assistance systems. There, the objective was to conduct a threat analysis and risk assessment of attacks manipulating the environment of automated or autonomous vehicles to hamper their behavior. Besides diving into the effect chain of state-of-the-art driver assistance systems it was crucial to consider both security and safety impacts, as an attacker could cause safety-critical situations by such environmental manipulations.
I highly appreciated working in the area of security and safety of such a company and it confirmed my intention to continue my career path within this field.
Today, I am working as security expert advising agile development teams.
At this point, I would like to greatly thank Professor Frederik Armknecht of the University of Mannheim, who made this thesis possible in the first place and all the colleagues I got to know during the six month, especially Mister Hubert Strauß, my supervisor within the BMW Group, and all the expert interview partners, without which this thesis would not have been possible.”
Abstract of thesis:
Autonomous driving is considered as one of the top innovations and disruptions in the automotive industry. And already today, advanced driver assistance systems are a main driver of innovation. There, the vehicle automatically decides on appropriate driving actions like steering, accelerating, and decelerating. To do so, a vehicle has to precisely sense its environment. Following, today’s and future vehicles rely on a multitude of built-in sensors. Besides enabling a vehicle to perceive its surroundings, the dependence on sensors also increases the attack surface. By manipulating the vehicles’ environment, an attacker could manipulate or hamper the behavior of a vehicle which could potentially lead to safety-critical situations. For example, by spooﬁng an object, an attacker may cause a vehicle to brake suddenly. Over the last years, research on and interest in those environmental manipulations has been growing steadily. That is, a multitude of attacks has been demonstrated in literature and covered in press. This thesis ﬁrst provides a comprehensive review on the current state of research in the ﬁeld of environmental manipulations and sensor spooﬁng. Afterwards, a practical threat analysis and risk assessment is conducted to assess the factual risk constituted by such attacks on state-of-the-art driver assistance systems. Associated with this, a new risk assessment methodology suitable for assessing the risk of this type of attacks is proposed.
Congratulations to Sven for completing his studies and we wish him success in his future endeavours.