Next Article in Journal
Model for Quantifying the Quality of Secure Service
Previous Article in Journal
Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT
Review

Automotive Vulnerability Disclosure: Stakeholders, Opportunities, Challenges

Institute of Energy Efficient Mobility, Karlsruhe University of Applied Sciences, 76133 Karlsruhe, Germany
*
Author to whom correspondence should be addressed.
Academic Editor: Dimitris A. Gritzalis
J. Cybersecur. Priv. 2021, 1(2), 274-288; https://doi.org/10.3390/jcp1020015
Received: 18 February 2021 / Revised: 12 April 2021 / Accepted: 25 April 2021 / Published: 6 May 2021
(This article belongs to the Special Issue Cybersecurity in the Transportation Ecosystem)
Since several years, the overall awareness for the necessity to consider a vehicle as a potentially vulnerable system is facing accelerated growth. In 2015, the safety relevant exploitability of vulnerabilities through cyber attacks was exposed to a broader public for the first time. Only a few months after this attack has reached public awareness, affected manufacturer implemented one of the first bug bounty programs within the automotive field. Since then, many others followed by adapting some of ITs good practices for handling and responsibly disclose found and reported vulnerabilities for the automotive field. Nevertheless, this work points out that much remains to be done concerning quantity and quality of these measures. In order to cope with this, this present paper deals with what can be learned from IT and which conclusions can be drawn from these findings in the light of special conditions in the automotive environment. Furthermore, current handling and challenges regarding the disclosure process of vulnerabilities in the automotive sector are presented. These challenges are addressed by discussing desirable conditions for a beneficial disclosure culture as well as requirements and responsibilities of all parties involved in the disclosure process. View Full-Text
Keywords: automotive security; vulnerability disclosure; threat intelligence automotive security; vulnerability disclosure; threat intelligence
Show Figures

Figure 1

MDPI and ACS Style

Bolz, R.; Kriesten, R. Automotive Vulnerability Disclosure: Stakeholders, Opportunities, Challenges. J. Cybersecur. Priv. 2021, 1, 274-288. https://doi.org/10.3390/jcp1020015

AMA Style

Bolz R, Kriesten R. Automotive Vulnerability Disclosure: Stakeholders, Opportunities, Challenges. Journal of Cybersecurity and Privacy. 2021; 1(2):274-288. https://doi.org/10.3390/jcp1020015

Chicago/Turabian Style

Bolz, Robin; Kriesten, Reiner. 2021. "Automotive Vulnerability Disclosure: Stakeholders, Opportunities, Challenges" J. Cybersecur. Priv. 1, no. 2: 274-288. https://doi.org/10.3390/jcp1020015

Find Other Styles

Article Access Map by Country/Region

1
Back to TopTop