Abstract
Vehicles are insecure. To protect such systems, we must begin by identifying any weaknesses. One approach is to apply a systematic security evaluation to the system under test. In this paper we present a method for systematically generating tests based on attack trees. We formalise the attack trees as provably-equivalent process-algebraic processes, then automatically generate tests from the process-algebraic representation. Attack trees may include manual input (and thus so will some test cases) but scriptable test cases are automatically executed. Our approach is inspired by model based testing, but allows for the fact that we do not have a specification of the system under test. We demonstrate this methodology on a case study and find that this is a viable method for automation of systematic security evaluations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Argus Cybersecurity: Argus Cyber Security Working with Bosch to Promote Public Safety and Mitigate Car Hacking (2017). http://bit.ly/2tNBLsm
Cheah, M., Bryans, J., Fowler, D.S., Shaikh, S.A.: Threat intelligence for bluetooth-enabled systems with automotive applications: an empirical study. In: Proceedings of the 47th IEEE/IFIP Dependable Systems and Networks Workshops: Security and Safety in Vehicles (SSIV). IEEE, Denver, June 2017
Cheah, M., Shaikh, S., Haas, O., Ruddle, A.: Towards a systematic security evaluation of the automotive bluetooth interface. J. Veh. Commun. 9(7), 8–18 (2017)
Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of 20th USENIX Security Symposium, pp. 77–92. USENIX Association, San Francisco, August 2011
Cho, K.T., Shin, K.G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security, pp. 1044–1055. ACM, New York, October 2016
Dunning, J.: SpoofTooph (2012). http://bit.ly/2tiOx5O
ELM Electronics: ELM Electronics: OBD. http://bit.ly/2s0yZPZ
Felderer, M., Zech, P., Breu, R., Buchler, M., Pretschner, A.: Model-based security testing: a taxonomy and systematic classification. Softw. Test. Verif. Reliab. 26(2), 119–148 (2015)
Fowler, D.S., Cheah, M., Shaikh, S.A., Bryans, J.: Towards a testbed for automotive cyberecurity. In: Process of the 10th International Conference on Software Testing, Verification and Validation: Industry Track. IEEE, Tokyo, March 2017
Greenberg, A.: Hackers remotely kill a jeep on the highway-with me in it (2015). http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
Hoare, C.: Communicating Sequential Processes, Electronic edn. Prentice Hall International, Upper Saddle River (1985)
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)
Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-18467-8_23
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, pp. 447–462. IEEE, Oakland, May 2010
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727_17
Nogueira, S., Sampaio, A., Mota, A.: Test generation from state based use case models. Form. Asp. Comput. 26(3), 441–490 (2014)
Oka, D.K., Furue, T., Langenhop, L., Nishimura, T.: Survey of vehicle IoT bluetooth devices. In: 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, pp. 260–264. IEEE, Matsue, November 2014
Pretschner, A., Broy, M., Kruger, I.H., Stauner, T.: Software engineering for automotive systems: a roadmap. In: Proceedings of the FOSE’07 2007 Future of Software Engineering, pp. 55–71. IEEE, Minneapolis, May 2007
Robert Bosch GmbH: CAN Specification Version 2.0 (1991). http://esd.cs.ucr.edu/webres/can20.pdf
Roscoe, A.: Understanding Concurrent Systems, 1st edn. Springer, London (2010). https://doi.org/10.1007/978-1-84882-258-0
Ruddle, A., Ward, D., Weyl, B., Idrees, S., Roudier, Y., Friedewald, M., Leimbach, T., Fuchs, A., Gurgens, S., Henniger, O., Rieke, R., Ritsscher, M., Broberg, H., Apvrille, L., Pacalet, R., Pedroza, G.: EVITA project: deliverable D2.3 - security requirements for automotive on-board networks based on dark-side scenarios. Technical report (2009). http://www.evita-project.org/Deliverables/EVITAD2.3.pdf
SAE International: SAE J1979 E/E Diagnostic Test Modes (2014). http://standards.sae.org/j1979_201408/
SAE International: J3061: Cybersecurity Guidebook for Cyber-Physical Vehicle Systems (2016). http://standards.sae.org/j3061_201601/
Salfer, M., Schweppe, H., Eckert, C.: Efficient attack forest construction for automotive on-board networks. In: Chow, S.S., Camenisch, J., Hui, L.C., Yiu, S.M. (eds.) 17th International Conference (ISC) on Information Security, October 2014
Schneier, B.: Attack trees: modeling security threats (1999). http://www.schneier.com/paper-attacktrees-ddj-ft.html
University of Oxford: FDR3 - The CSP Refinement Checker. https://www.cs.ox.ac.uk/projects/fdr/
Utting, M., Pretschner, A., Legeard, B.: A taxonomy of model-based testing approaches. Softw. Test. Verif. Reliab. 22(5), 297–312 (2012)
Vigo, R., Nielson, F., Nielson, H.R.: Automated generation of attack trees. In: Proceedings of the 27th Computer Security Foundations Symposium. IEEE, Vienna (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 IFIP International Federation for Information Processing
About this paper
Cite this paper
Cheah, M., Nguyen, H.N., Bryans, J., Shaikh, S.A. (2018). Formalising Systematic Security Evaluations Using Attack Trees for Automotive Applications. In: Hancke, G., Damiani, E. (eds) Information Security Theory and Practice. WISTP 2017. Lecture Notes in Computer Science(), vol 10741. Springer, Cham. https://doi.org/10.1007/978-3-319-93524-9_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-93524-9_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93523-2
Online ISBN: 978-3-319-93524-9
eBook Packages: Computer ScienceComputer Science (R0)