Secure Coding Practices for Automotive – PRQA Fall Seminar

About the seminar

On October 27, PRQA organized a FREE face-to-face seminar in Dearborn, MI, where a number of speakers shared their considerable and varied experience of secure coding best practices for automotive software. The industry continues to generate a stream of disquieting headlines:

      “Toyota recalls 625,000 hybrid cars globally for software glitch”

      “Auto industry must tackle its software problems to stop hacks as cars go online”

      “The connected car of the future: Get ready for more software bugs”

      “Ford's 400,000-car recall could be the tip of an auto security iceberg”

      “Fiat Chrysler braced for record $105m fine for failures during vehicle safety recalls”

      “Hack of connected car raises alarm over driver safety”

      “This Gadget Hacks GM Cars to Locate, Unlock, and Start Them”

      “Hackers Remotely Kill a Jeep on the Highway—With Me in It”

Automotive software historically consisted of discrete safety-critical embedded applications such as ABS and traction control. More recently, the scope and volume of software have grown dramatically: on the one hand, the industry is now delivering a plethora of very complex safety-critical systems such as ADAS and autonomous driving; on the other, the scope of infotainment has widened and morphed into the connected car.

Historically there was no need for those developing discrete embedded software to consider security threats. Today's situation, as the headlines above show, is very different. It is essential that automotive software teams have a very good understanding of security and of how to manage its risks, by adopting coding best practices and applying standards such as CWE, CERT®, MISRA and ISO 26262.


  • Prioritizing Security Vulnerabilities and Focused Testing (Robert Martin) - In this session, Robert explains how the absence of a common measure for software weaknesses has limited the software industry's ability to assess and remediate exploitable software flaws, and how efforts such as CWE, CAPEC, CWSS and CWRAF now provide consistent and structured mechanisms for prioritizing assurance work, so that the weaknesses most dangerous to the system's intended functions and capabilities are dealt with first.

  • Connected Car Security (Robert Seacord) - This talk describes the expanding vehicular attack surface as well as specific classes of automotive vulnerabilities and how those are exploited. Additionally, Robert describes mitigation strategies for improving vehicle security.

  • Capturing and Communicating Assurance (Robert Martin) - Assurance cases are used in several industries to demonstrate confidence in properties of interest such as safety or security, and to support claims about those properties with evidence. The explicit connections between what is claimed and the evidence used to argue that the claim is true make assurance cases a useful tool for third parties to understand what evidence was collected to help gain confidence that the desired characteristics are present.

  • Secure Coding with Multi-Threading (Evgueni Kolossov) - The benefits of using multi-threading and parallel programming are widely acknowledged. These advantages are not limited to performance: they also allow the software to be more responsive, fault-tolerant, efficient, and simple. In this presentation, Evgueni discusses the main principles of secure and safe programming in multi-threaded and parallel environments, concentrating on explaining the problems and challenges developers are going to face.

  • MISRA vs CERT® (Fergus Bolger) - The scope of CERT® is typically oriented towards security vulnerabilities, whereas MISRA gives more consideration to how to avoid unpredictable behaviour in safety-critical software. In this session, Fergus explores the similarities and differences between these two coding standards.

  • Panel Discussion - Combining elements of CERT® C, MISRA, CWE.