A Formal Model to Facilitate Security Testing in Modern Automotive Systems

Ensuring that a car's internal systems are free from security vulnerabilities is of utmost importance, especially given the relationship between security and other properties such as safety and reliability. We provide the starting point for a model-based framework designed to support the security testing of modern cars. We use Communicating Sequential Processes (CSP) to create architectural models of the vehicle bus systems, as well as an initial set of attacks against these systems. While this contribution represents initial steps, we are mindful of the ultimate objective of generating test code to exercise the security of vehicle bus systems. We present the way forward from the models created and consider their potential integration with commercial engineering tools.
