Saved in:
Bibliographic Details
Main Authors: Basu, Srijita, Bengt, Haraldsson, Staron, Miroslaw, Berger, Christian, Horkoff, Jennifer, Almgren, Magnus
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.07941
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908584339570688
author Basu, Srijita
Bengt, Haraldsson
Staron, Miroslaw
Berger, Christian
Horkoff, Jennifer
Almgren, Magnus
author_facet Basu, Srijita
Bengt, Haraldsson
Staron, Miroslaw
Berger, Christian
Horkoff, Jennifer
Almgren, Magnus
contents Cooperative, Connected and Automated Mobility (CCAM) are complex cyber-physical systems (CPS) that integrate computation, communication, and control in safety-critical environments. At their core, System-on-Chip (SoC) platforms consolidate processing units, communication interfaces, AI accelerators, and security modules into a single chip. AUTOSAR (AUTomotive Open System ARchitecture) standard was developed in the automotive domain to better manage this complexity, defining layered software structures and interfaces to facilitate reuse of HW/SW components. However, in practice, this integrated SoC software architecture still poses security challenges, particularly in real-time, safety-critical environments. Recent reports highlight a surge in SoC-related vulnerabilities, yet systematic analysis of their root causes and impact within AUTOSAR-aligned architectures is lacking. This study fills that gap by analyzing 180 publicly reported automotive SoC vulnerabilities, mapped to a representative SoC software architecture model that is aligned with AUTOSAR principles for layered abstraction and service orientation. We identify 16 root causes and 56 affected software modules, and examine mitigation delays across Common Weakness Enumeration (CWE) categories and architectural layers. We uncover dominant vulnerability patterns and critical modules with prolonged patch delays, and provide actionable insights for securing automotive CPS platforms, including guides for improved detection, prioritization, and localization strategies for SoC software architectures in SoC-based vehicle platforms.
format Preprint
id arxiv_https___arxiv_org_abs_2510_07941
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle An AUTOSAR-Aligned Architectural Study of Vulnerabilities in Automotive SoC Software
Basu, Srijita
Bengt, Haraldsson
Staron, Miroslaw
Berger, Christian
Horkoff, Jennifer
Almgren, Magnus
Software Engineering
Cooperative, Connected and Automated Mobility (CCAM) are complex cyber-physical systems (CPS) that integrate computation, communication, and control in safety-critical environments. At their core, System-on-Chip (SoC) platforms consolidate processing units, communication interfaces, AI accelerators, and security modules into a single chip. AUTOSAR (AUTomotive Open System ARchitecture) standard was developed in the automotive domain to better manage this complexity, defining layered software structures and interfaces to facilitate reuse of HW/SW components. However, in practice, this integrated SoC software architecture still poses security challenges, particularly in real-time, safety-critical environments. Recent reports highlight a surge in SoC-related vulnerabilities, yet systematic analysis of their root causes and impact within AUTOSAR-aligned architectures is lacking. This study fills that gap by analyzing 180 publicly reported automotive SoC vulnerabilities, mapped to a representative SoC software architecture model that is aligned with AUTOSAR principles for layered abstraction and service orientation. We identify 16 root causes and 56 affected software modules, and examine mitigation delays across Common Weakness Enumeration (CWE) categories and architectural layers. We uncover dominant vulnerability patterns and critical modules with prolonged patch delays, and provide actionable insights for securing automotive CPS platforms, including guides for improved detection, prioritization, and localization strategies for SoC software architectures in SoC-based vehicle platforms.
title An AUTOSAR-Aligned Architectural Study of Vulnerabilities in Automotive SoC Software
topic Software Engineering
url https://arxiv.org/abs/2510.07941