Verification of Integrity in Vehicle Architectures

Jakobs, Christine; Naumann, Billy; Werner, M.; Schmidt, Karsten

doi:10.1145/3386723.3387883

Cited by 3 publications

(4 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This method demands a verification approach on the architectural level refined throughout the complete development process. For that, preliminary work exists [19] [20] [21], which we now want to develop further.…”

Section: Discussionmentioning

confidence: 99%

Heuristic Risk Treatment for ISO/SAE 21434 Development Projects

Jakobs¹,

Werner²,

Schmidt³

et al. 2022

Annals of Computer Science and Information Systems

Self Cite

View full text Add to dashboard Cite

Due to new technologies for connectivity, automotive systems shift from a closed to an open system approach. Therefore, automotive systems have a rising demand for security, letting security be an upcoming field in research and practice. Also, the newly published process standard ISO/SAE 21434 demands adjustments in the development process to address cybersecurity. The unique characteristics of automotive systems leave many approaches from other system types inapplicable. This work concentrates on the risk treatment step in the cybersecurity development process. Due to the vast amount of differing terminology, we see the need to define a flexible taxonomy adaptable to several system types and used in systems with normative references. We use this taxonomy to develop a heuristic approach for risk treatment based on a distinct terminology for security requirements. The presented method is extendable to include several trade-off points.

show abstract

Section: Discussionmentioning

confidence: 99%

Heuristic Risk Treatment for ISO/SAE 21434 Development Projects

Jakobs¹,

Werner²,

Schmidt³

et al. 2022

Annals of Computer Science and Information Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…Verification of security properties is also demonstrated by Jakobs et al [14], in which an approach for integrity verification of vehicle architectures is presented. The authors view integrity as an information flow problem and discuss existing security measures, such as secure and authenticated boot, Hardware Security Modules (HSMs), or message authentication, to ensure this property.…”

Section: Approaches Based On Testing/verifying Security Mechanisms Pr...mentioning

confidence: 98%

“…Jakobs et al present an extension in [193]. The authors use the same architecture as in [14] to illustrate their approach. The architecture includes two ECUs and a gateway connected by Ethernet via a router.…”

Section: Approaches Based On Testing/verifying Security Mechanisms Pr...mentioning

confidence: 99%

See 1 more Smart Citation

Survey of Model-Based Security Testing Approaches in the Automotive Domain

2023

View full text Add to dashboard Cite

Modern connected or autonomous vehicles (AVs) are highly complex cyber-physical systems. As a result of the high number of different technologies and connectivity features involved, testing these systems to identify security vulnerabilities is a big challenge. Security testing techniques, such as penetration testing, are often manual methods that are applied comparatively late in the vehicle development process. Thus, vulnerabilities are only detected late or after development, leading to higher costs and more patching effort. To reduce the amount of testing resources in general and enable early and automated testing, modelbased testing methods have been established in several domains, such as information technology and the automotive domain. The transfer of model-based testing approaches to automotive security testing could help to detect vulnerabilities earlier than other, manual methods by automatically generating, executing, or simulating security tests. In this study, we review the literature on model-based test approaches in the automotive domain. First, we consider security-independent approaches to obtain an overview of applied models, formalisms, test selection criteria, and test generation techniques. In addition, we investigate, whether and how model-based approaches are applied for automotive security testing. Overall, we identified 63 publications related to model-based testing and 29 publications with regard to model-based security testing. The aim of this study is to provide an overview and direct comparison between these approaches. In this manner, the state of model-based security testing in the automotive domain, current challenges, and potential research areas are determined. INDEX TERMSAutomotive security, model-based testing, model-based security testing.

show abstract