论文信息 - Practical Security and Privacy Threat Analysis in the Automotive Domain: Long Term Support Scenario for Over-the-Air Updates

Practical Security and Privacy Threat Analysis in the Automotive Domain: Long Term Support Scenario for Over-the-Air Updates

Keeping a vehicle secure implies provide of a long-term support, where over-the-air updates (OTA) play an essential role. Clear understanding of OTA threats is essential to counter them efficiently. Existing research on OTA threats often exclude human actors, such as drivers and maintenance personnel, as well as leave aside privacy threats. This paper addresses the gap by investigates security and privacy OTA threats relevant for vehicle manufacturers for the whole product lifecycle. We report on a practical scenario "long term support", its data flow elements, and outcomes of threat analyses. We apply state of the art approaches, such as STRIDE (extended with an automotive template) and LINDDUN, to an automotive case and consider an automotivespecific UNECE OTA threat catalogue. Outcomes indicate complementarity of these methods and provide inputs to studies how well they address practical automotive cases.

[1] Wouter Joosen,et al. LINDDUN privacy threat modeling: a tutorial , 2015 .

[2] Christoph Schmittner,et al. Using SAE J3061 for Automotive Security Requirement Engineering , 2016, SAFECOMP Workshops.

[3] Manuel Koschuch,et al. How Little is Enough? Implementation and Evaluation of a Lightweight Secure Firmware Update Process for the Internet of Things , 2018, IoTBDS.

[4] Muhammad Sabir Idrees,et al. Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates , 2011, Nets4Cars/Nets4Trains.

[5] Panagiotis Papadimitratos,et al. Secure vehicular communication systems: design and architecture , 2008, IEEE Communications Magazine.

[6] Christoph Schmittner,et al. Threat Modeling for Automotive Security Analysis , 2016 .

[7] Jerry den Hartog,et al. Security and privacy for innovative automotive applications: A survey , 2018, Comput. Commun..

[8] Eric Armengaud,et al. Threat and Risk Assessment Methodologies in the Automotive Domain , 2016, ANT/SEIT.

[9] Kay Römer,et al. Generic framework enabling secure and efficient automotive wireless SW updates , 2016, 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA).

[10] Christoph Schmittner,et al. Combining Safety and Security Engineering for Trustworthy Cyber-Physical Systems , 2015, ERCIM News.