DOI: 10.1145/2744769.2747920

Design and verification for transportation system security

Published: 07 June 2015

Abstract

Cyber-security has emerged as a pressing issue for transportation systems. Studies have shown that attackers can compromise modern vehicles through a variety of interfaces and gain access to their most safety-critical components. Such threats become broader and more challenging with the emergence of vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication technologies. Addressing the security issues in transportation systems requires comprehensive approaches that jointly consider security mechanisms, safety properties, resource constraints, and other related system metrics. In this work, we propose an integrated framework that combines hybrid modeling, formal verification, and automated synthesis techniques for analyzing the security and safety of transportation systems and for exploring the design space of both in-vehicle electronic control systems and vehicle-to-vehicle communications. We demonstrate the ideas of our framework through a case study of cooperative adaptive cruise control.
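The following is an added example, not code from the paper and not its hybrid model or verification flow. It illustrates the kind of safety-under-attack question the cooperative adaptive cruise control case study raises: a follower whose control law consumes the leader's V2V-broadcast acceleration is simulated against an honest leader, against an attacker who rewrites that broadcast, and against the same attacker when the follower cross-checks each received value against the leader acceleration it can estimate from its own radar. The constant time-gap spacing policy, the gains, the braking scenario, the spoofed value of +3 m/s^2 and the plausibility tolerance are all assumptions made for this example.

```python
"""Added example: bounded simulation of a CACC follower whose control law
uses the leader's V2V-broadcast acceleration, run against an honest leader,
a spoofed V2V channel, and the same spoof with a radar plausibility check.
Model structure and every parameter value are assumptions of this example."""
from dataclasses import dataclass

DT = 0.1                       # simulation step [s]
HORIZON = 25.0                 # simulated time [s]
S0, H = 5.0, 1.0               # standstill distance [m], time gap [s]
KP, KD, KFF = 0.5, 1.0, 1.0    # spacing, relative-speed, feedforward gains
U_MIN, U_MAX = -8.0, 3.0       # follower actuator limits [m/s^2]
BRAKE_T, BRAKE_A = 2.0, -6.0   # leader brakes hard from t = 2 s to a stop
PLAUS_TOL = 2.0                # max |received - radar-estimated| accel [m/s^2]


@dataclass
class Result:
    min_gap: float   # smallest inter-vehicle distance seen [m]
    collided: bool   # gap reached zero within the horizon
    rejected: int    # V2V messages discarded by the plausibility check


def simulate(spoof=None, plausibility_check=False):
    """spoof: None for an honest leader, else the constant acceleration an
    attacker injects into the V2V channel from BRAKE_T onwards.
    plausibility_check: cross-check each received acceleration against the
    leader acceleration estimated from the follower's own radar."""
    v_l = v_f = 20.0
    gap = S0 + H * v_f              # start exactly at the desired spacing
    prev_v_l_est = v_l              # radar-derived leader speed, last step
    res = Result(min_gap=gap, collided=False, rejected=0)
    for k in range(round(HORIZON / DT)):
        t = k * DT
        # leader: hard braking to standstill, then stationary
        a_l = BRAKE_A if (t >= BRAKE_T and v_l > 0.0) else 0.0
        a_l = max(a_l, -v_l / DT)   # do not brake through zero speed
        # V2V message as seen by the follower (attacker rewrites it)
        a_rx = spoof if (spoof is not None and t >= BRAKE_T) else a_l
        # radar: range rate is measured locally; assumed unspoofable here
        rel_v = v_l - v_f
        v_l_est = v_f + rel_v
        a_l_est = (v_l_est - prev_v_l_est) / DT
        prev_v_l_est = v_l_est
        ff = a_rx
        if plausibility_check and abs(a_rx - a_l_est) > PLAUS_TOL:
            ff = 0.0                # implausible: degrade to radar-only ACC
            res.rejected += 1
        # constant time-gap spacing policy with feedforward term
        e = gap - (S0 + H * v_f)
        u = KP * e + KD * rel_v + KFF * ff
        u = min(U_MAX, max(U_MIN, u))
        # explicit Euler step; neither vehicle reverses
        gap += rel_v * DT
        v_l = max(0.0, v_l + a_l * DT)
        v_f = max(0.0, v_f + u * DT)
        res.min_gap = min(res.min_gap, gap)
        if gap <= 0.0:
            res.collided = True
            break
    return res


if __name__ == "__main__":
    for label, kw in (("honest leader", {}),
                      ("spoofed +3 m/s^2, naive CACC", {"spoof": 3.0}),
                      ("spoofed +3 m/s^2, plausibility check",
                       {"spoof": 3.0, "plausibility_check": True})):
        r = simulate(**kw)
        print(f"{label:40s} min gap {r.min_gap:6.2f} m  "
              f"collided={r.collided}  rejected={r.rejected}")
```

With H = KD = 1 the spacing error obeys e' = -KP e - ff, so a constant spoofed feedforward of +3 m/s^2 drives the equilibrium spacing error to -ff/KP = -6 m, below the 5 m standstill distance: once the leader has stopped, the follower settles into it. The plausibility check discards any broadcast that disagrees with the radar-derived leader acceleration by more than 2 m/s^2 and falls back to radar-only control, which keeps e at zero. Two caveats a practitioner should note: a one-sample derivative of a radar estimate is noisy and also rejects honest messages for one step at each braking transition, so a deployed check would filter; and one simulated scenario demonstrates, but does not prove, the safety property, which is why the paper applies formal verification to a hybrid model rather than simulation alone.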


Published In

DAC '15: Proceedings of the 52nd Annual Design Automation Conference
June 2015
1204 pages
ISBN: 9781450335201
DOI: 10.1145/2744769
Publisher

Association for Computing Machinery

New York, NY, United States
Conference

DAC '15: The 52nd Annual Design Automation Conference 2015
June 7 - 11, 2015
San Francisco, California

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%


Cited By
  • (2024) A Review of Smart Vehicles in Smart Cities: Dangers, Impacts, and the Threat Landscape. Vehicular Communications, 100871. doi:10.1016/j.vehcom.2024.100871. Published online Dec 2024.
  • (2021) Cross-Layer Design of Automotive Systems. IEEE Design & Test, 38(5):8-16. doi:10.1109/MDAT.2020.3037561. Published online Oct 2021.
  • (2020) A Review on Cyberattacks. In: Cyber Warfare and Terrorism, pp. 98-126. doi:10.4018/978-1-7998-2466-4.ch007. Published online 2020.
  • (2019) A Review on Cyberattacks. In: Secure Cyber-Physical Systems for Smart Cities, pp. 183-219. doi:10.4018/978-1-5225-7189-6.ch008. Published online 2019.
  • (2019) Exploring weakly-hard paradigm for networked systems. In: Proceedings of the Workshop on Design Automation for CPS and IoT, pp. 51-59. doi:10.1145/3313151.3313165. Published online 15 Apr 2019.
  • (2019) Automotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes. In: Proceedings of the ACM Workshop on Automotive Cybersecurity, pp. 9-14. doi:10.1145/3309171.3309179. Published online 13 Mar 2019.
  • (2019) Formal verification of weakly-hard systems. In: Proceedings of the 22nd ACM International Conference on Hybrid Systems: Computation and Control, pp. 197-207. doi:10.1145/3302504.3311811. Published online 16 Apr 2019.
  • (2019) An Evaluative Review of the Formal Verification for VANET Protocols. In: 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), pp. 1209-1214. doi:10.1109/IWCMC.2019.8766783. Published online Jun 2019.
  • (2019) An Extended Intelligent Driver Model to Describe the Impact of Cyberattacks on Connected Vehicles. In: CICTP 2019, pp. 2983-2995. doi:10.1061/9780784482292.258. Published online 2 Jul 2019.
  • (2018) Spreading Patterns of Malicious Information on Single-Lane Platooned Traffic in a Connected Environment. Computer-Aided Civil and Infrastructure Engineering, 34(3):248-265. doi:10.1111/mice.12416. Published online 3 Sep 2018.