Clarification of Ambiguity for the Simple Authentication and Security Layer

Al-Shareefi, Farah; Lisitsa, Alexei; Dixon, Clare

doi:10.1007/978-3-319-91271-4_13

Cited by 2 publications

(3 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our modelling of the CAM protocol also allowed us to clarify what was described in the documentation but we focus on different properties as identified by our STRIDE threat analysis of the CAM protocol. Clarification of an informally specified protocol framework using abstract state machines as compared to a concrete implementation was considered in [23].…”

Section: Combining Security and Verificationmentioning

confidence: 99%

“…8 with respect to when the vehicle should brake. Specifically, we loop through the sequence of received cams (lines 12-30) and if one is found which indicates that the originating vehicle is travelling in the same direction as the current one (line 21), then we brake if the CAM was recent enough or the sensors indicate that we should (lines [23][24][25][26]. This condition was inspired by the identification of a DoS threat so we ensure that, if the received CAM is out of date (potentially due to jamming) then we rely on the physical sensors to indicate when braking should occur.…”

Section: Receiving Camsmentioning

confidence: 99%

See 1 more Smart Citation

Security-Minded Verification of Cooperative Awareness Messages

Farrell,

Bradbury,

Cardoso

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Autonomous robotic systems systems are both safety-and security-critical, since a breach in system security may impact safety. In such critical systems, formal verification is used to model the system and verify that it obeys specific functional and safety properties. Independently, threat modelling is used to analyse and manage the cyber security threats that such systems may encounter. Both verification and threat analysis serve the purpose of ensuring that the system will be reliable, albeit from differing perspectives. In prior work, we argued that these analyses should be used to inform one another and, in this paper, we extend our previously defined methodology for security-minded verification by incorporating runtime verification. To illustrate our approach, we analyse an algorithm for sending Cooperative Awareness Messages between autonomous vehicles. Our analysis centres on identifying STRIDE security threats. We show how these can be formalised, and subsequently verified, using a combination of formal tools for static aspects, namely Promela/SPIN and Dafny, and generate runtime monitors for dynamic verification. Our approach allows us to focus our verification effort on those security properties that are particularly important and to consider safety and security in tandem, both statically and at runtime.

show abstract

Section: Combining Security and Verificationmentioning

confidence: 99%

Section: Receiving Camsmentioning

confidence: 99%

Security-Minded Verification of Cooperative Awareness Messages

Farrell,

Bradbury,

Cardoso

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…Security and Privacy. Our previous work on security, using temporal and modal logics [65], has led on to work on security verification and evaluation [66,67]. Recent work has also involved combining informal threat analysis techniques with our formal verification approaches [68,69], allowing formal techniques to be focussed on the areas of highest risk.…”

Section: Transparency and Explainabilitymentioning

confidence: 99%

Verifiable autonomy: From theory to applications

Dennis

Dixon

Fisher

2022

AIC

Self Cite

View full text Add to dashboard Cite

The Autonomy and Verification group11 Part of a wider, international, Autonomy and Verification Network of activity: https://autonomy-and-verification.github.io sits within the Department of Computer Science22 https://www.cs.manchester.ac.uk at the University of Manchester. The group has a long history of research into agents and multi-agent systems (both at Manchester and, previously, at the University of Liverpool) particularly in the areas of formal specification and verification, multi-agent programming, ethical agent reasoning, and swarms, teams and organisations.

show abstract

Clarification of Ambiguity for the Simple Authentication and Security Layer

Cited by 2 publications

References 14 publications

Security-Minded Verification of Cooperative Awareness Messages

Security-Minded Verification of Cooperative Awareness Messages

Verifiable autonomy: From theory to applications

Contact Info

Product

Resources

About