Connected autonomous vehicles are an important building block in the digitization of government, economy, and society. The previously closed vehicle system is now connected to other vehicles, mobile terminals (e.g., smartphones), infrastructure components (e.g., charging stations for electric vehicles), the Internet and various backend systems (e.g., of the manufacturer or insurance companies). In addition to autonomous driving functions, this also enables many value-added services. However, the connectivity additions also introduce a rich attack surface on vehicles and connected infrastructure components, which creates considerable interest of attackers with different goals. The potential consequences of attacks include economic damage (e.g., expensive recalls, loss of image), threats to life and limb (e.g., an attacker could take over an autonomous vehicle to carry out a terrorist attack) and violations of privacy (e.g., the creation of motion profiles or usage profiles). It is therefore essential to integrate IT security and data protection (privacy) measures from the beginning into autonomous driving systems and safety-critical systems in general to guarantee functional safety even under attack situations. This requires a holistic view of the development process, life cycle, and the overall architecture of the vehicle and infrastructure.