Verifying Data Secure Flow in AUTOSAR Models by Static Analysis

Cinzia Bernardeschi, Marco Di Natale, Gianluca Dini, Maurizio Palmieri

2017

Abstract

This paper presents a method to check data secure flow in security annotated AUTOSAR models. The approach is based on information flow analysis and abstract interpretation. The analysis computes the lowest security level of data sent on a communication, according to the annotations in the model and the code of runnables. An abstract interpreter executes runnables on abstract domains that abstract from real values and consider only data dependency levels. Data secure flow is verified if data sent on a communication always satisfy the security annotation in the model. The work has been developed in the EU project Safure, where modeling extensions to AUTOSAR have been proposed to improve security in automotive communications.

References

  1. Adelsbach, A., Huber, U., and Sadeghi, A.-R. (2006). Secure software delivery and installation in embedded systems. In Embedded Security in Cars, pages 27-49. Springer.
  2. AUTOSAR (b). https://www.autosar.org/fileadmin/files/ releases/2-0/software-architecture/rte/standard/ autosar sws rte.pdf.
  3. Avvenuti, M., Bernardeschi, C., De Francesco, N., and Masci, P. (2012). Jcsi: A tool for checking secure information flow in java card applications. Journal of Systems and Software, 85(11):24792493.
  4. Barbuti, R., Bernardeschi, C., and De Francesco, N. (2002). Abstract interpretation of operational semantics for secure information flow. Inf. Process. Lett., 83(2):101-108.
  5. Bernardeschi, C., De Francesco, N., Lettieri, G., and Martini, L. (2004). Checking secure information flow in java bytecode by code transformation and standard bytecode verification. Software - Practice and Experience, 34(13):1225-1255.
  6. Bernardeschi, C., Del Vigna, G., Di Natale, M., Dini, G., and Varano, D. (2016). Using AUTOSAR HighLevel Specifications for the Synthesis of Security Components in Automotive Systems, pages 101-117. Springer International Publishing, Cham.
  7. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T., et al. (2011). Comprehensive experimental analyses of automotive attack surfaces. In USENIX Security Symposium. San Francisco.
  8. Cousot, P. and Cousot., R. (1992). Abstract interpretation frameworks. Journal of Logic and Computation, 4(2):511-547.
  9. D. E. Denning, P. J. D. (1977). Certification of programs for secure information flow. Communications of the ACM, 7(20):504-513.
  10. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., et al. (2010). Experimental security analysis of a modern automobile. In Security and Privacy (SP), 2010 IEEE Symposium on, pages 447-462. IEEE.
  11. Leino, K. and Joshi., R. (1998). A semantic approach to secure information flow. In Proc. 4th International Conference, Mathematics of Program Construction, LNCS 1422, pages 254-271. Springer Verlag.
  12. Lemke, K., Paar, C., and Wolf, M. (2006). Embedded security in cars. Springer.
  13. Nielson, F., Nielson, H. R., and Hankin, C. (2005). Principles of Program Analysis. Springer.
  14. Sabelfeld, A. and Mayers, A. (2003). Language-based information-flow security. IEEE journal on selected areas in communications, 21(1).
  15. Stephan, W., Richter, S., and Muller, M. (2006). Aspects of secure vehicle software flashing. In Embedded Security in Cars, pages 17-26. Springer.
  16. Volpano, D., Smith, G., and Irvine, C. (1992). A sound type system for secure flow analysis. Journal of Computer Security, 4(3):167-187.
  17. Wyglinski, A. M., Huang, X., Padir, T., Lai, L., Eisenbarth, T. R., and Venkatasubramanian, K. (2013). Security of autonomous systems employing embedded computing and sensors. Micro, IEEE, 33(1):80-86.
Download


Paper Citation


in Harvard Style

Bernardeschi C., Di Natale M., Dini G. and Palmieri M. (2017). Verifying Data Secure Flow in AUTOSAR Models by Static Analysis . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017) ISBN 978-989-758-209-7, pages 704-713. DOI: 10.5220/0006288707040713


in Bibtex Style

@conference{forse17,
author={Cinzia Bernardeschi and Marco Di Natale and Gianluca Dini and Maurizio Palmieri},
title={Verifying Data Secure Flow in AUTOSAR Models by Static Analysis},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)},
year={2017},
pages={704-713},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006288707040713},
isbn={978-989-758-209-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)
TI - Verifying Data Secure Flow in AUTOSAR Models by Static Analysis
SN - 978-989-758-209-7
AU - Bernardeschi C.
AU - Di Natale M.
AU - Dini G.
AU - Palmieri M.
PY - 2017
SP - 704
EP - 713
DO - 10.5220/0006288707040713