"Integration of agile approach into the implementation of the ISO/SAE 2" by Pooja Patil

Author

Pooja Patil

Date Approved

2025

Degree Type

Open Access Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department or School

College of Engineering and Technology

Committee Member

Samir Tout, PhD

Committee Member

Suleiman Ashur, PhD

Committee Member

William Sverdlik, PhD

Committee Member

Munther Abualkibash, PhD

Abstract

The rapid evolution of technology is revolutionizing the automotive industry, with connected and autonomous vehicles at the forefront. These vehicles rely on complex digital ecosystems to enhance safety and efficiency but are increasingly vulnerable to cybersecurity threats. Addressing these challenges requires following robust development methodologies, while complying with cybersecurity standards. This study introduces a framework that merges the widely used agile methodology practices with the ISO/SAE 21434 standard to support secure-by-design automotive product development. Traditional development approaches like the V-model provide structured and linear project phases, but they often lack the flexibility and the ability to adapt to evolving security needs. By incorporating agile principles, the framework promotes iterative, adaptive, and collaborative processes, ensuring timely identification and mitigation of risks. This research highlights the critical role of integrating agile methodologies with the established cybersecurity standards to meet the growing demands of connected vehicle security, offering valuable contributions to both academic and industry practices. The study also demonstrates how iterative threat analysis and risk assessments can be performed to refine cybersecurity goals and prioritize risks. It also provides a practical case study, which implements the above integration, showing how techniques, such as continuous testing of the tool, were applied within every agile sprints to verify the tool's effectiveness by shifting verification and validation earlier in the development process. This approach improved risk management efficiency and ensured compliance with ISO/SAE 21434 requirements. The study highlights the framework’s practicality, showing how it can streamline cybersecurity processes in a dynamic automotive development environment. By adopting this agile-driven methodology, organizations can better manage cybersecurity risks, align with industry standards, and foster a culture of continuous improvement.

Share

COinS