System Context

Product/System Context Diagram

flowchart LR OEM["OEM customer / vehicle manufacturer"] Supplier["Supplier security engineering"] subgraph Vehicle["Vehicle or ECU context"] ECU["Electric Clutch Actuator ECU"] Network["Vehicle networks and other ECUs"] end Backend["Backend / cloud / IT systems"] Diag["Diagnostic and service tools"] Dev["Development / ALM / evidence tools"] SecOps["Security operations / monitoring"] OEM -->|requirements, approval, residual risk| Supplier Supplier -->|software, security concept, evidence| OEM ECU <--> |signals, messages, SecOC or SDT data| Network Diag -->|UDS, authentication, programming| ECU Backend -->|updates, certificates, logs| ECU Dev -->|builds, tests, traceability| Supplier ECU -->|security events and evidence| SecOps SecOps -->|vulnerability and incident feedback| Supplier

Mermaid source

flowchart LR
  OEM["OEM customer / vehicle manufacturer"]
  Supplier["Supplier security engineering"]
  subgraph Vehicle["Vehicle or ECU context"]
    ECU["Electric Clutch Actuator ECU"]
    Network["Vehicle networks and other ECUs"]
  end
  Backend["Backend / cloud / IT systems"]
  Diag["Diagnostic and service tools"]
  Dev["Development / ALM / evidence tools"]
  SecOps["Security operations / monitoring"]
  OEM -->|requirements, approval, residual risk| Supplier
  Supplier -->|software, security concept, evidence| OEM
  ECU <--> |signals, messages, SecOC or SDT data| Network
  Diag -->|UDS, authentication, programming| ECU
  Backend -->|updates, certificates, logs| ECU
  Dev -->|builds, tests, traceability| Supplier
  ECU -->|security events and evidence| SecOps
  SecOps -->|vulnerability and incident feedback| Supplier

Product System Context

Classification: Inferred from Requirements

The context is an automotive ECU/component security engineering scope embedded in a vehicle ecosystem and surrounded by supplier, OEM/customer, diagnostic, backend, tooling, and security-operations actors.

Evidence Basis:

Requirement IDs: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ-AUTO-00004; REQ-AUTO-00005; REQ-AUTO-00006; REQ_SEC_0003; REQ_SEC_0022; REQ-AUTO-00009; REQ_SEC_0023 (showing 10 of 371)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 3; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 11 (showing 8 of 139)
Confidence level: Medium
Classification: Inferred from Requirements

See architecture/system_context.mmd for the rendered context view.

Architecture System Context

System Context

Classification: Inferred from Requirements

The context view positions the Electric Clutch Actuator ECU in the vehicle, supplier, OEM/customer, diagnostic, backend, PKI, tooling, and security-operations ecosystem.

Evidence Basis:

Requirement IDs: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ-AUTO-00004; REQ-AUTO-00005; REQ-AUTO-00006; REQ_SEC_0003; REQ_SEC_0022; REQ-AUTO-00009; REQ_SEC_0023 (showing 10 of 379)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 3; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 11 (showing 8 of 142)
Confidence level: Medium
Classification: Inferred from Requirements

External Actors

OEM/customer cybersecurity approval and evidence interface

Classification: Explicit Requirement

Actor/interface type: Customer
Connected elements: Supplier security engineering -> vehicle manufacturer/OEM/customer
Role: Exchange cybersecurity concept, method, results, residual-risk position, verification evidence, and approval decisions.

Evidence Basis:

Requirement IDs: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ-AUTO-00004; REQ-AUTO-00005; REQ-AUTO-00006; REQ_SEC_0003; REQ_SEC_0024; REQ_SEC_0004; REQ_SEC_0005 (showing 10 of 157)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 3; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 11 (showing 8 of 74)
Confidence level: Medium
Classification: Explicit Requirement

Diagnostic/service tool to ECU interface

Classification: Explicit Requirement

Actor/interface type: Diagnostic
Connected elements: Diagnostic/service tool -> ECU diagnostic server/security services
Role: Provide service, maintenance, programming, and authenticated diagnostic access.

Evidence Basis:

Requirement IDs: REQ_SEC_0010; REQ_SEC_0011; req-6.20; REQ-AUTO-00282; REQ-AUTO-00284; REQ-AUTO-00290; REQ_UDS-0051; REQ_UDS-0051; REQ-AUTO-00297; REQ-AUTO-00298 (showing 10 of 385)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/3299216_1.md page 23; converted/markdown-cleaned/CVS123-2.md page 4; converted/markdown-cleaned/CVS123-2.md page 6; converted/markdown-cleaned/CVS123-2.md page 7; converted/markdown-cleaned/CVS123-2.md page 9; converted/markdown-cleaned/CVS123-2.md page 10; converted/markdown-cleaned/CVS123-2.md page 11 (showing 8 of 133)
Confidence level: Medium
Classification: Explicit Requirement

Vehicle network secure data communication interface

Classification: Inferred from Requirements

Actor/interface type: Vehicle Network
Connected elements: Other ECUs / vehicle network <-> product ECU/application
Role: Exchange vehicle-function data, protected messages, counters, and stateful request/response traffic.

Evidence Basis:

Requirement IDs: REQ-AUTO-00066; REQ-AUTO-00141; req-6.3; REQ-AUTO-00146; REQ-AUTO-00173; REQ-AUTO-00193; REQ-AUTO-00196; REQ-AUTO-00199; REQ-AUTO-00310; REQ-AUTO-00334 (showing 10 of 127)
Source Markdown sections/pages: converted/markdown-cleaned/3299216_1.md page 4; converted/markdown-cleaned/3299216_1.md page 22; converted/markdown-cleaned/3299216_1.md page 23; converted/markdown-cleaned/3299216_1.md page 27; converted/markdown-cleaned/3299216_1.md page 31; converted/markdown-cleaned/3299216_1.md page 33; converted/markdown-cleaned/CVS123-2.md page 9; converted/markdown-cleaned/CVS123-2.md page 12 (showing 8 of 49)
Confidence level: Medium
Classification: Inferred from Requirements

Secure update, flash, and IVD interface

Classification: Inferred from Requirements

Actor/interface type: Backend
Connected elements: Update/flash backend or programming tool -> ECU update/boot/security services
Role: Deliver and verify software updates, flash programming content, and integrity validation data.

Evidence Basis:

Requirement IDs: REQ-AUTO-00203; REQ-AUTO-00279; REQ-AUTO-00284; REQ-AUTO-00290; REQ_UDS-0051; REQ-AUTO-00297; REQ-AUTO-00298; REQ-AUTO-00302; REQ-AUTO-00303; REQ-AUTO-00306 (showing 10 of 81)
Source Markdown sections/pages: converted/markdown-cleaned/3299216_1.md page 34; converted/markdown-cleaned/CVS123-2.md page 1; converted/markdown-cleaned/CVS123-2.md page 4; converted/markdown-cleaned/CVS123-2.md page 6; converted/markdown-cleaned/CVS123-2.md page 7; converted/markdown-cleaned/CVS123-2.md page 9; converted/markdown-cleaned/CVS123-2.md page 10; converted/markdown-cleaned/CVS123-2.md page 11 (showing 8 of 47)
Confidence level: Medium
Classification: Inferred from Requirements

Certificate and key provisioning interface

Classification: Explicit Requirement

Actor/interface type: Backend
Connected elements: PKI/provisioning authority -> ECU security services / HSM
Role: Provision, validate, and manage certificates, trust anchors, and cryptographic key material.

Evidence Basis:

Requirement IDs: REQ_SEC_0016; REQ_SEC_0019; REQ-AUTO-00335; REQ-AUTO-00340; REQ-AUTO-00445; REQ_UDS-0038; REQ_UDS-0068; REQ_UDS-0070; REQ_UDS-0071; REQ_UDS-0072 (showing 10 of 69)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/CVS123-2.md page 14; converted/markdown-cleaned/CVS123-2.md page 16; converted/markdown-cleaned/CVS123-2.md page 37; converted/markdown-cleaned/CVS124.md page 22; converted/markdown-cleaned/CVS124.md page 34; converted/markdown-cleaned/CVS124.md page 40; converted/markdown-cleaned/CVS151.md page 11 (showing 8 of 29)
Confidence level: Medium
Classification: Explicit Requirement

Backend/cloud/IT operational interface

Classification: Inferred from Requirements

Actor/interface type: Cloud
Connected elements: Backend/cloud/IT systems <-> supplier/OEM/product lifecycle processes
Role: Support offboard functions such as update coordination, evidence storage, monitoring, vulnerability handling, or supplier portals.

Evidence Basis:

Requirement IDs: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ_SEC_0003; REQ_SEC_0022; REQ-AUTO-00009; REQ_SEC_0023; REQ-AUTO-00011; REQ_SEC_0024; REQ_SEC_0004 (showing 10 of 748)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 3; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 11 (showing 8 of 218)
Confidence level: Medium
Classification: Inferred from Requirements

Development, ALM, and evidence tooling interface

Classification: Explicit Requirement

Actor/interface type: Tooling
Connected elements: Engineering tools / ALM / CI / test systems -> evidence and release artifacts
Role: Create, verify, trace, review, and archive security engineering evidence and released artifacts.

Evidence Basis:

Requirement IDs: REQ-AUTO-00001; REQ_SEC_0002; REQ-AUTO-00009; REQ_SEC_0023; REQ_SEC_0004; REQ_SEC_0005; REQ_SEC_0041; REQ_SEC_0008; REQ_SEC_0026; REQ_SEC_0027 (showing 10 of 192)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 3; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 8; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 9; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 12 (showing 8 of 110)
Confidence level: Medium
Classification: Explicit Requirement

Security operations and vulnerability reporting interface

Classification: Explicit Requirement

Actor/interface type: Operational
Connected elements: Product/backend/security monitoring -> supplier and OEM security operations
Role: Move security events, vulnerabilities, penetration-test findings, and incident information into lifecycle handling.

Evidence Basis:

Requirement IDs: REQ_SEC_0002; REQ-AUTO-00009; REQ_SEC_0040; REQ_SEC_0041; REQ_SEC_0044; REQ_SEC_0045; REQ_SEC_0046; REQ_SEC_0032; REQ_SEC_0033; REQ_SEC_0034 (showing 10 of 25)
Source Markdown sections/pages: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 10; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 11; converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 12; converted/markdown-cleaned/3299216_1.md page 27; converted/markdown-cleaned/3299216_1.md page 36 (showing 8 of 16)
Confidence level: Medium
Classification: Explicit Requirement