Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology

Yuri Dantas; Simon Barner; Pei Ke; Vivek Nigam; Ulrich Schöpp

doi:10.5220/0011786400003405

Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology

Yuri Dantas, Simon Barner, Pei Ke, Vivek Nigam, Ulrich Schöpp

2023

Abstract

This article proposes automated methods for threat analysis using a model-based engineering methodology that provides precise guarantees with respect to safety goals. This is accomplished by proposing an intruder model for automotive SOA which together with the system architecture and the loss scenarios identified by safety analysis are used as input for computing assets, impact rating, damage/threat scenarios, and attack paths. To validate the proposed methodology, we developed a faithful model of the autonomous driving functions of the Apollo framework, a widely used open source autonomous driving stack. The proposed machinery automatically enumerates several attack paths on Apollo, including attack paths not reported in the literature.

Download

Paper Citation

in Harvard Style

Dantas Y., Barner S., Ke P., Nigam V. and Schöpp U. (2023). Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 180-191. DOI: 10.5220/0011786400003405

in Bibtex Style

@conference{icissp23,
author={Yuri Dantas and Simon Barner and Pei Ke and Vivek Nigam and Ulrich Schöpp},
title={Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2023},
pages={180-191},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011786400003405},
isbn={978-989-758-624-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology
SN - 978-989-758-624-8
AU - Dantas Y.
AU - Barner S.
AU - Ke P.
AU - Nigam V.
AU - Schöpp U.
PY - 2023
SP - 180
EP - 191
DO - 10.5220/0011786400003405