SaSeVAL: A Safety/Security-Aware Approach for Validation of Safety-Critical Systems

Increasing communication and self-driving capabilities for road vehicles lead to threats which could potentially be exploited by attackers. Especially attacks leading to safety violations have to be identified to address them by appropriate measures. The impact of an attack depends on the threat exploited, potential countermeasures and the traffic situation. In order to identify such attacks and to use them for testing, we propose the systematic approach SaSeVAL for deriving attacks of autonomous vehicles.SaSeVAL is based on threats identification and safety-security analysis. The impact of automotive use cases to attacks is considered. The threat identification considers the attack interface of vehicles and classifies threat scenarios according to threat types, which are then mapped to attack types. The safety-security analysis identifies the necessary requirements which have to be tested based on the architecture of the system under test. It determines which safety impact a security violation may have, and in which traffic situations the highest impact is expected. Finally, the results of threat identification and safety-security analysis are used to describe attacks.The goal of SaSeVAL is to achieve safety validation of the vehicle w.r.t. security concerns. It traces safety goals to threats and to attacks explicitly. Hence, the coverage of safety concerns by security testing is assured. Two use cases of vehicle communication and autonomous driving are investigated to prove the applicability of the approach.

[1]  Tomas Olovsson,et al.  A Risk Assessment Framework for Automotive Embedded Systems , 2016, CPSS@AsiaCCS.

[2]  Michael Felderer,et al.  Applying Security Testing Techniques to Automotive Engineering , 2019, ARES.

[3]  Thomas Peyrin,et al.  Security challenges in automotive hardware/software architecture design , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[4]  Eric Armengaud,et al.  SAHARA: A security-aware hazard and risk analysis method , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[5]  Frank Swiderski,et al.  Threat Modeling , 2018, Hacking Connected Cars.

[6]  Andrew C. Simpson,et al.  A Formal Model to Facilitate Security Testing in Modern Automotive Systems , 2018, IMPEX/FM&MDD.

[7]  Tae-Sung Kim,et al.  Security risk assessment framework for smart car using the attack tree analysis , 2017, Journal of Ambient Intelligence and Humanized Computing.

[8]  Tae-Sung Kim,et al.  A Security Risk Assessment Framework for Smart Car , 2016, 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS).