Vehicles have evolved from isolated and mechanical systems, into complex ecosystems of on-board networks composed of Electronic Control Units (ECUs), sensors and actuators, which govern their functionalities. These networks have been traditionally designed as trusted, closed systems, but modern needs have opened them to remote and local connections. Researchers have shown that modern vehicles are vulnerable to multiple types of attacks leveraging remote and physical access, which allow attackers to gain control and affect safety-critical systems. Therefore, the interest of manufacturers for embedding security into the design phase of new vehicles is rising. In this paper, we propose a semi-automated and topology based risk analysis framework that helps in designing and assessing the security of automotive on-board networks. The tool receives the network topology as an input and evaluates its security using state-of-the-art risk metrics. Then, it provides the analyst with security-hardened network topologies, as a countermeasure against the most dangerous attacks. We evaluate our approach on known topologies and demonstrate its effectiveness.
A Secure-by-Design Framework for Automotive On-board Network Risk Analysis
Stefano Longari;Michele Carminati;Stefano Zanero
2019-01-01
Abstract
Vehicles have evolved from isolated and mechanical systems, into complex ecosystems of on-board networks composed of Electronic Control Units (ECUs), sensors and actuators, which govern their functionalities. These networks have been traditionally designed as trusted, closed systems, but modern needs have opened them to remote and local connections. Researchers have shown that modern vehicles are vulnerable to multiple types of attacks leveraging remote and physical access, which allow attackers to gain control and affect safety-critical systems. Therefore, the interest of manufacturers for embedding security into the design phase of new vehicles is rising. In this paper, we propose a semi-automated and topology based risk analysis framework that helps in designing and assessing the security of automotive on-board networks. The tool receives the network topology as an input and evaluates its security using state-of-the-art risk metrics. Then, it provides the analyst with security-hardened network topologies, as a countermeasure against the most dangerous attacks. We evaluate our approach on known topologies and demonstrate its effectiveness.| File | Dimensione | Formato | |
|---|---|---|---|
|
1570591250.pdf
accesso aperto
Descrizione: Articolo principale
:
Pre-Print (o Pre-Refereeing)
Dimensione
548.15 kB
Formato
Adobe PDF
|
548.15 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
