Adapting Security Policy at Runtime for Connected Autonomous Vehicles

Models@run.time has emerged as a new paradigm for continuously monitoring the execution of software systems to enable self-adaptation. This adaptation happens whenever a change, a failure or a bug is introduced within the execution environment. It is achieved through a causal, bidirectional connection between design and execution artifacts, supported by feedback-loop information. We developed an approach that integrates secure, lightweight dynamic adaptation of access control policies when new security requirements are introduced at runtime. The proposed runtime adaptation is supported by fast checking of design models against security constraints at runtime. A vehicle-2-x security case study is used to demonstrate the benefits of our approach.
