Geismann, J.J.GeismannGerking, C.C.GerkingBodden, E.E.Bodden2022-03-142022-03-142018https://publica.fraunhofer.de/handle/publica/40372810.1145/3202710.3203159Engineering cyber-physical systems secure by design requires engineers to consider security from the ground up. However, current systems engineering processes are not tailored to cyber-physical systems, or lack an integration with security engineering. In this paper, we integrate secure software engineering practices into an engineering process for cyber-physical systems. Thereby, we enable engineers to specify security requirements at the level of systems engineering, and to take effective countermeasures during both platform-independent and platform-specific software engineering. Our key contribution is the integration of threat models for tracing security requirements to countermeasures. We illustrate our approach by an autonomous car with high security requirements.enconference paper