Using a Cyber Digital Twin for Continuous Automotive Security Requirements Verification

A Digital Twin (DT) is a digital representation of a physical object used to simulate it before it is built or to predict failures after the object is deployed. The DT concept was originally applied to manufacturing but has been gaining attention in other areas. In this article, we introduce a novel concept called Cyber Digital Twin (CDT), which transfers the idea of the DT to automotive software for the purpose of security analysis. In our approach, the ECU software (i.e., firmware) is transformed into a CDT, which contains automatically extracted, security-relevant information from the firmware. With this, we can evaluate automotive security requirements through automated security requirements verification using policy enforcement checks and detection of security vulnerabilities. The evaluation can be done continuously using newly integrated checks and published security vulnerabilities.

As for requirements overall [1], a common problem in security requirements is that they are too abstract and, thereby, underspecified. Examples in the automotive domain are the UNECE WP.29 regulation [2] and the ISO/SAE 21434 standard [3], which mostly prescribe processes and methods but do not show how security can be achieved in a concrete system. This leads to various problems in the development, but also in the quality assurance, of these systems. Cruzes et al. [4] argue that testing non-functional requirements, such as security, is a great challenge due to the cross-functional aspects of testing and the lack of clarity about their needs. In particular, we need concrete requirements to check the security of the systems. The Digital Twin (DT) is the idea of digitally representing physical objects in order to simulate them before they are built or to predict failures and enable predictive maintenance [5] (see also Sidebar 2). In this article, we introduce a novel concept, the Cyber Digital Twin (CDT), which transfers the idea of the DT to software as well [6].
A CDT is a digital representation of an automotive software –

© The Authors. arXiv:2102.00790v1 [cs.CR] 1 Feb 2021
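To make the abstract's pipeline concrete, here is an added example (not the authors' tooling) of a toy CDT: a record of security-relevant facts extracted from one ECU firmware image, a set of policy checks that turn abstract requirements into concrete predicates, and a match against a constructed advisory feed, so that re-running the same function after a new check or advisory arrives gives the continuous verification the paper describes. The data model, requirement IDs, component versions and advisory IDs are all assumptions constructed for illustration.

```python
"""Added example: a toy Cyber Digital Twin (CDT) for one ECU firmware image.
The data model, policy checks and advisory list are constructed assumptions,
not the paper's tooling or any real advisory data."""
from dataclasses import dataclass


@dataclass
class CyberDigitalTwin:
    """Security-relevant facts automatically extracted from a firmware image."""
    ecu: str
    components: dict          # library name -> version string found in the image
    crypto_algorithms: set    # algorithm identifiers found in the binary
    debug_interfaces: set     # interfaces still enabled in this build
    hardcoded_secrets: int    # number of embedded credentials found


# Policy checks: each maps an abstract requirement to a concrete predicate.
POLICIES = {
    "REQ-CRYPTO-01 no deprecated hash or cipher":
        lambda t: not (t.crypto_algorithms & {"MD5", "SHA-1", "DES", "RC4"}),
    "REQ-DEBUG-01 debug interfaces disabled in production build":
        lambda t: not t.debug_interfaces,
    "REQ-SECRET-01 no embedded credentials":
        lambda t: t.hardcoded_secrets == 0,
}

# Constructed advisory feed: (component, affected versions, placeholder advisory id).
ADVISORIES = [
    ("openssl", {"1.0.2u"}, "ADV-EXAMPLE-1"),
    ("zlib", {"1.2.8"}, "ADV-EXAMPLE-2"),
]


def verify(twin, policies=POLICIES, advisories=ADVISORIES):
    """Return (failed_policy_ids, matched_advisory_ids) for one CDT.
    Re-running this with an extended policies/advisories input is the
    continuous verification step: the firmware itself is not re-analysed."""
    failed = [name for name, check in policies.items() if not check(twin)]
    hits = [adv_id for comp, versions, adv_id in advisories
            if twin.components.get(comp) in versions]
    return failed, hits


# Constructed sample twin for a hypothetical body-controller ECU.
SAMPLE_TWIN = CyberDigitalTwin(
    ecu="body-controller (constructed)",
    components={"openssl": "1.0.2u", "zlib": "1.2.11"},
    crypto_algorithms={"AES-128", "SHA-256"},
    debug_interfaces={"JTAG"},
    hardcoded_secrets=1,
)
```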

[1] Zhuhua Cai et al. Software Vulnerability Discovery Techniques: A Survey. 2012 Fourth International Conference on Multimedia Information Networking and Security, 2012.

[2] Zoran Djuric et al. A black-box testing tool for detecting SQL injection vulnerabilities. 2013 Second International Conference on Informatics & Applications (ICIA), 2013.

[3] Andreas Ekelhart et al. Digital Twins for Cyber-Physical Systems Security: State of the Art and Outlook. Security and Quality in Cyber-Physical Systems Engineering, 2019.

[4] Pietro Romano et al. Outsourcing practices in automotive supply networks: an exploratory study of full service vehicle suppliers. 2013.

[5] Roel Wieringa et al. Naming the pain in requirements engineering. Empirical Software Engineering, 2016.

[6] Peter Chapman et al. Automated black-box detection of side-channel vulnerabilities in web applications. CCS '11, 2011.

[7] Stefan Boschert et al. Digital Twin—The Simulation Aspect. 2016.

[8] Edward H. Glaessgen et al. The Digital Twin Paradigm for Future NASA and U.S. Air Force Vehicles. 2012.

[9] Michael W. Grieves et al. Digital Twin: Mitigating Unpredictable, Undesirable Emergent Behavior in Complex Systems. 2017.

[10] Ethan Hadar et al. Cyber Digital Twin Simulator for Automatic Gathering and Prioritization of Security Controls' Requirements. 2020 IEEE 28th International Requirements Engineering Conference (RE), 2020.

[11] Daniela Cruzes et al. How is Security Testing Done in Agile Teams? A Cross-Case Analysis of Four Software Teams. XP, 2017.

[12] Oddvar O. Bendiksen et al. Structures, Structural Dynamics and Materials Conference. 1998.