Vehicles have evolved from isolated and mechanical systems, into complex ecosystems of on-board networks composed of Electronic Control Units (ECUs), sensors and actuators, which govern their functionalities. These networks have been traditionally designed as trusted, closed systems, but modern needs have opened them to remote and local connections. Researchers have shown that modern vehicles are vulnerable to multiple types of attacks leveraging remote and physical access, which allow attackers to gain control and affect safety-critical systems. Therefore, the interest of manufacturers for embedding security into the design phase of new vehicles is rising. In this paper, we propose a semi-automated and topology based risk analysis framework that helps in designing and assessing the security of automotive on-board networks. The tool receives the network topology as an input and evaluates its security using state-of-the-art risk metrics. Then, it provides the analyst with security-hardened network topologies, as a countermeasure against the most dangerous attacks. We evaluate our approach on known topologies and demonstrate its effectiveness.

A Secure-by-Design Framework for Automotive On-board Network Risk Analysis

Stefano Longari;Michele Carminati;Stefano Zanero
2019

Abstract

Vehicles have evolved from isolated and mechanical systems, into complex ecosystems of on-board networks composed of Electronic Control Units (ECUs), sensors and actuators, which govern their functionalities. These networks have been traditionally designed as trusted, closed systems, but modern needs have opened them to remote and local connections. Researchers have shown that modern vehicles are vulnerable to multiple types of attacks leveraging remote and physical access, which allow attackers to gain control and affect safety-critical systems. Therefore, the interest of manufacturers for embedding security into the design phase of new vehicles is rising. In this paper, we propose a semi-automated and topology based risk analysis framework that helps in designing and assessing the security of automotive on-board networks. The tool receives the network topology as an input and evaluates its security using state-of-the-art risk metrics. Then, it provides the analyst with security-hardened network topologies, as a countermeasure against the most dangerous attacks. We evaluate our approach on known topologies and demonstrate its effectiveness.
IEEE Vehicular Networking Conference
978-1-7281-4571-6
File in questo prodotto:
File Dimensione Formato  
1570591250.pdf

accesso aperto

Descrizione: Articolo principale
: Pre-Print (o Pre-Refereeing)
Dimensione 548.15 kB
Formato Adobe PDF
548.15 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11311/1120902
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 2
social impact