Your browser doesn't support javascript. This means that the content or functionality of our website will be limited or unavailable. If you need more information about Vinnova, please contact us.

HEAVENS: HEAling Vulnerabilities to ENhance Software Security and Safety

Reference number
Coordinator Volvo Technology AB - BF 40700 Electrical and embedded systems
Funding from Vinnova SEK 5 164 878
Project duration April 2013 - March 2016
Status Completed
Venture Electronics, software and communication - FFI
End-of-project report 2012-04625eng.pdf (pdf, 987 kB)

Purpose and goal

The goal of the HEAVENS project has been to identify security vulnerabilities in automotive systems and to present methodologies along with tools to evaluate security. Other goals have been to investigate the interplay of safety and security in the context of automotive E/E systems. The result, we call it the HEAVENS security model, is a systematic approach, including methods, processes and tool support, of deriving security requirements and to perform security testing and evaluation for E/E systems.

Results and expected effects

The activities that have been performed within the HEAVENS project have strengthened Volvo and other project partner´s position within the research area of automotive security. The project has also attracted a lot of attention and interest from SAE J3061, AUTOSAR WP-X-SEC, NHTSA, Volvo and the other participating companies and has brought up security on several internal agendas to highlight the need for increased activity in this area.

Approach and implementation

Seven different work packages have: 1. Investigated how security models and testing could be used by different stake holders 2. Identified different methods and tools to evaluate various dimensions of automotive software security and to establish state-of-the-art within this area 3. Defined methods and tools that are required to perform security testing and evaluation 4. Identified the interplay of safety and security in the context of the E/E architecture 5. Demonstrated proof of concepts from the work packages above 6. Handled project management 7. Arranged dissemination events

The project description has been provided by the project members themselves and the text has not been looked at by our editors.

Last updated 24 February 2020

Reference number 2012-04625

Page statistics