Cybersecurity Testing for Automotive Domain: A Survey

Luo, Feng; Zhang, Xuan; Yang, Zhenyu; Jiang, Yifan; Wang, Jiajia; Wu, Mingzhi; Feng, Wanqiang

doi:10.3390/s22239211

Cited by 13 publications

(4 citation statements)

References 77 publications

(60 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As outlined in Section I, a main drawbacks of the current security testing process is the complexity of modern vehicles, late and manual testing techniques, such as penetration testing, and the challenge of identifying vulnerabilities as early as possible through testing. Existing surveys on (model-based) security testing, such as the work of Mahmood et al [63], Luo et al [64], and Pekaric et al [65] often refer to penetration testing and dynamic analysis techniques (e.g., fuzzing and vulnerability scanning) that do not support early vulnerability testing and can only be applied late in the development cycle. Surveys, such as the work of Altinger et al [15] and Kriebel et al [17], suggest that model-based testing addresses these challenges.…”

Section: Discussionmentioning

confidence: 99%

“…In addition, four methods that can be used for security testing are described: penetration testing, fuzz testing, vulnerability scanning, and model-based security testing. Luo et al [64] examine security testing methods that are used in the automotive sector. The authors distinguish between knowledge-based, automation-based, threat-based, risk-based, requirement-based, and model-based security testing.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Survey of Model-Based Security Testing Approaches in the Automotive Domain

2023

View full text Add to dashboard Cite

Modern connected or autonomous vehicles (AVs) are highly complex cyber-physical systems. As a result of the high number of different technologies and connectivity features involved, testing these systems to identify security vulnerabilities is a big challenge. Security testing techniques, such as penetration testing, are often manual methods that are applied comparatively late in the vehicle development process. Thus, vulnerabilities are only detected late or after development, leading to higher costs and more patching effort. To reduce the amount of testing resources in general and enable early and automated testing, modelbased testing methods have been established in several domains, such as information technology and the automotive domain. The transfer of model-based testing approaches to automotive security testing could help to detect vulnerabilities earlier than other, manual methods by automatically generating, executing, or simulating security tests. In this study, we review the literature on model-based test approaches in the automotive domain. First, we consider security-independent approaches to obtain an overview of applied models, formalisms, test selection criteria, and test generation techniques. In addition, we investigate, whether and how model-based approaches are applied for automotive security testing. Overall, we identified 63 publications related to model-based testing and 29 publications with regard to model-based security testing. The aim of this study is to provide an overview and direct comparison between these approaches. In this manner, the state of model-based security testing in the automotive domain, current challenges, and potential research areas are determined. INDEX TERMSAutomotive security, model-based testing, model-based security testing.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: A Related Workmentioning

confidence: 99%

Survey of Model-Based Security Testing Approaches in the Automotive Domain

2023

View full text Add to dashboard Cite

show abstract

“…They assist in automating security testing processes, identifying security weaknesses, and ensuring adherence to established security standards [199][200][201]. Security testing frameworks provide a structured and systematic approach to evaluate the security posture of automotive systems [202][203][204][205].…”

Section: Security Testing Frameworkmentioning

confidence: 99%

Formal Methods and Validation Techniques for Ensuring Automotive Systems Security

Krichen

2023

Information

View full text Add to dashboard Cite

The increasing complexity and connectivity of automotive systems have raised concerns about their vulnerability to security breaches. As a result, the integration of formal methods and validation techniques has become crucial in ensuring the security of automotive systems. This survey research paper aims to provide a comprehensive overview of the current state-of-the-art formal methods and validation techniques employed in the automotive industry for system security. The paper begins by discussing the challenges associated with automotive system security and the potential consequences of security breaches. Then, it explores various formal methods, such as model checking, theorem proving, and abstract interpretation, which have been widely used to analyze and verify the security properties of automotive systems. Additionally, the survey highlights the validation techniques employed to ensure the effectiveness of security measures, including penetration testing, fault injection, and fuzz testing. Furthermore, the paper examines the integration of formal methods and validation techniques within the automotive development lifecycle, including requirements engineering, design, implementation, and testing phases. It discusses the benefits and limitations of these approaches, considering factors such as scalability, efficiency, and applicability to real-world automotive systems. Through an extensive review of relevant literature and case studies, this survey provides insights into the current research trends, challenges, and open research questions in the field of formal methods and validation techniques for automotive system security. The findings of this survey can serve as a valuable resource for researchers, practitioners, and policymakers involved in the design, development, and evaluation of secure automotive systems.

show abstract

“…The proposed security indexing approach is developed based on BC and deep autoencoder clustering (DAC) concepts with a focus on balancing system efficiency and reliability. Most security assessment or testing approaches count on burdensome computation, which are impractical for VANET devices owing to the resource limitation [67]. But still, features for security assessment can involve numerous concerns, and Indexing function provides prompt on-site index generation based on device reported features.…”

Section: Security Indexingmentioning

confidence: 99%

Secured Scalable Blockchain Networks for Trustworthy Distributed Deep Learning in VANETs

View full text Add to dashboard Cite

Distributed deep learning (DDL) within vehicular ad hoc networks (VANETs) holds profound significance in developing smart applications, such as intelligent transport systems and autonomous driving, where multiple parties are coordinated to leverage the training capability and acquisitive intelligence. Blockchain (BC) is a distribution technology promising for trustworthy DDL, holding the divide-and-conquer concept with decentralized management and consensus algorithms to reduce the exposure of sensitive controllers and thus the risks of malicious system-wide attacks. Moreover, zero trust architecture (ZTA) concepts are promoted as innovative cybersecurity solution which can be integrated with BC to address the resource-limited and infrastructure-less issues to augment the strength of DDL in VANETs. In this dissertation, the BC and ZTA potential is explored to construct reliable VANETs for trustworthy data sharing and thus to support significant within-VANET DDL and relevant applications. Firstly, virtualized distributed ledger technology (vDLT) is developed as the multimedia BC platform, followed by vDLT-based VANETs built to solve the unsteady communication; secondly, vDLT is improved to transmit and secure traffic events in VANETs; subsequently, a vDLT-based DDL system is proposed to enhance object detection (OD) inside VANETs; finally, ZTA and sharding scheme are enabled in vDLT-based VANETs for improved protection. Generally, vDLT runs with virtualized resource and sharding supports for scalability improvement, along with multi-layered consensus algorithm and an adaptable hierarchical and decentralized PBAC (hdPBAC) access control i model to agilely protect the DDL procedures and relevant DDL-related applications.The proposed system has been developed, including the vDLT system, the multimedia streaming over vDLT in fixed networks and VANETs, a precursory vDLT-based DDL system for OD purpose, and the integration of ZTA into scalable-BC-based VANETs.The evaluation results show the feasibility of proposed design and demonstrate the significance of performance improvements. First and foremost, I would like to express my deepest appreaciation to my supervisor, Prof. Richard Yu, who have been working with his wholehearted dedication to supervise my PhD study. His immense knowledge and cutting-edge insights have been encouraging me of elevating my academic research quality. He have also endearvored to find fundings to support my study and daily life to keep my work proceeding smoothly. Without his invaluable advice and continous supports, the achievements during my study would have been impossible. Words are powerless to express my gratitude to him, and I will maintain my grateful heart constantly and sincerely. I am also grateful to Prof. Omair Shafiq for his valuable comments and suggestions on my research and his knowledge and experience in engineering shared for my improvements. Additionally, I would like to thank Prof. Ashraf Matrawy, Prof. Rong Liu, and Prof. Azzedine Boukerche for serving in my dissertation ...

show abstract

Cybersecurity Testing for Automotive Domain: A Survey

Cited by 13 publications

References 77 publications

Survey of Model-Based Security Testing Approaches in the Automotive Domain

Survey of Model-Based Security Testing Approaches in the Automotive Domain

Formal Methods and Validation Techniques for Ensuring Automotive Systems Security

Secured Scalable Blockchain Networks for Trustworthy Distributed Deep Learning in VANETs

Contact Info

Product

Resources

About