Skip to main content
SpringerLink
Log in

Formalising Systematic Security Evaluations Using Attack Trees for Automotive Applications

  • Conference paper
  • First Online:
Information Security Theory and Practice (WISTP 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10741))

Abstract

Vehicles are insecure. To protect such systems, we must begin by identifying any weaknesses. One approach is to apply a systematic security evaluation to the system under test. In this paper we present a method for systematically generating tests based on attack trees. We formalise the attack trees as provably-equivalent process-algebraic processes, then automatically generate tests from the process-algebraic representation. Attack trees may include manual input (and thus so will some test cases) but scriptable test cases are automatically executed. Our approach is inspired by model based testing, but allows for the fact that we do not have a specification of the system under test. We demonstrate this methodology on a case study and find that this is a viable method for automation of systematic security evaluations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Argus Cybersecurity: Argus Cyber Security Working with Bosch to Promote Public Safety and Mitigate Car Hacking (2017). http://bit.ly/2tNBLsm

  2. Cheah, M., Bryans, J., Fowler, D.S., Shaikh, S.A.: Threat intelligence for bluetooth-enabled systems with automotive applications: an empirical study. In: Proceedings of the 47th IEEE/IFIP Dependable Systems and Networks Workshops: Security and Safety in Vehicles (SSIV). IEEE, Denver, June 2017

    Google Scholar 

  3. Cheah, M., Shaikh, S., Haas, O., Ruddle, A.: Towards a systematic security evaluation of the automotive bluetooth interface. J. Veh. Commun. 9(7), 8–18 (2017)

    Article  Google Scholar 

  4. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of 20th USENIX Security Symposium, pp. 77–92. USENIX Association, San Francisco, August 2011

    Google Scholar 

  5. Cho, K.T., Shin, K.G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security, pp. 1044–1055. ACM, New York, October 2016

    Google Scholar 

  6. Dunning, J.: SpoofTooph (2012). http://bit.ly/2tiOx5O

  7. ELM Electronics: ELM Electronics: OBD. http://bit.ly/2s0yZPZ

  8. Felderer, M., Zech, P., Breu, R., Buchler, M., Pretschner, A.: Model-based security testing: a taxonomy and systematic classification. Softw. Test. Verif. Reliab. 26(2), 119–148 (2015)

    Article  Google Scholar 

  9. Fowler, D.S., Cheah, M., Shaikh, S.A., Bryans, J.: Towards a testbed for automotive cyberecurity. In: Process of the 10th International Conference on Software Testing, Verification and Validation: Industry Track. IEEE, Tokyo, March 2017

    Google Scholar 

  10. Greenberg, A.: Hackers remotely kill a jeep on the highway-with me in it (2015). http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

  11. Hoare, C.: Communicating Sequential Processes, Electronic edn. Prentice Hall International, Upper Saddle River (1985)

    MATH  Google Scholar 

  12. Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)

    Article  Google Scholar 

  13. Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-18467-8_23

    Chapter  Google Scholar 

  14. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, pp. 447–462. IEEE, Oakland, May 2010

    Google Scholar 

  15. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727_17

    Chapter  Google Scholar 

  16. Nogueira, S., Sampaio, A., Mota, A.: Test generation from state based use case models. Form. Asp. Comput. 26(3), 441–490 (2014)

    Article  MathSciNet  Google Scholar 

  17. Oka, D.K., Furue, T., Langenhop, L., Nishimura, T.: Survey of vehicle IoT bluetooth devices. In: 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, pp. 260–264. IEEE, Matsue, November 2014

    Google Scholar 

  18. Pretschner, A., Broy, M., Kruger, I.H., Stauner, T.: Software engineering for automotive systems: a roadmap. In: Proceedings of the FOSE’07 2007 Future of Software Engineering, pp. 55–71. IEEE, Minneapolis, May 2007

    Google Scholar 

  19. Robert Bosch GmbH: CAN Specification Version 2.0 (1991). http://esd.cs.ucr.edu/webres/can20.pdf

  20. Roscoe, A.: Understanding Concurrent Systems, 1st edn. Springer, London (2010). https://doi.org/10.1007/978-1-84882-258-0

    Book  MATH  Google Scholar 

  21. Ruddle, A., Ward, D., Weyl, B., Idrees, S., Roudier, Y., Friedewald, M., Leimbach, T., Fuchs, A., Gurgens, S., Henniger, O., Rieke, R., Ritsscher, M., Broberg, H., Apvrille, L., Pacalet, R., Pedroza, G.: EVITA project: deliverable D2.3 - security requirements for automotive on-board networks based on dark-side scenarios. Technical report (2009). http://www.evita-project.org/Deliverables/EVITAD2.3.pdf

  22. SAE International: SAE J1979 E/E Diagnostic Test Modes (2014). http://standards.sae.org/j1979_201408/

  23. SAE International: J3061: Cybersecurity Guidebook for Cyber-Physical Vehicle Systems (2016). http://standards.sae.org/j3061_201601/

  24. Salfer, M., Schweppe, H., Eckert, C.: Efficient attack forest construction for automotive on-board networks. In: Chow, S.S., Camenisch, J., Hui, L.C., Yiu, S.M. (eds.) 17th International Conference (ISC) on Information Security, October 2014

    Google Scholar 

  25. Schneier, B.: Attack trees: modeling security threats (1999). http://www.schneier.com/paper-attacktrees-ddj-ft.html

  26. University of Oxford: FDR3 - The CSP Refinement Checker. https://www.cs.ox.ac.uk/projects/fdr/

  27. Utting, M., Pretschner, A., Legeard, B.: A taxonomy of model-based testing approaches. Softw. Test. Verif. Reliab. 22(5), 297–312 (2012)

    Article  Google Scholar 

  28. Vigo, R., Nielson, F., Nielson, H.R.: Automated generation of attack trees. In: Proceedings of the 27th Computer Security Foundations Symposium. IEEE, Vienna (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Future Transport and Cities, Coventry University, Coventry, CV1 5FB, UK

    Madeline Cheah, Hoang Nga Nguyen, Jeremy Bryans & Siraj A. Shaikh

Authors
  1. Madeline Cheah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hoang Nga Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jeremy Bryans
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Siraj A. Shaikh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Madeline Cheah .

Editor information

Editors and Affiliations

  1. City University of Hong Kong, Hong Kong, China

    Gerhard P. Hancke

  2. University of Milan, Milan, Italy

    Ernesto Damiani

Rights and permissions

Reprints and permissions

Copyright information

© 2018 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cheah, M., Nguyen, H.N., Bryans, J., Shaikh, S.A. (2018). Formalising Systematic Security Evaluations Using Attack Trees for Automotive Applications. In: Hancke, G., Damiani, E. (eds) Information Security Theory and Practice. WISTP 2017. Lecture Notes in Computer Science(), vol 10741. Springer, Cham. https://doi.org/10.1007/978-3-319-93524-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-93524-9_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-93523-2

  • Online ISBN: 978-3-319-93524-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation