Abstract
Remote connectivity of today’s and future cars increases their autonomy and safety capabilities, but also their attack surface, as reported by several research papers. In the automotive domain, security has a direct impact on the user’s safety. Thus, the management of risk is becoming the main concern of automotive manufacturers, especially for future fully connected and autonomous cars. A possible way to quantify the overall risk of a system is the systematic construction of attack graphs and attack trees. These formalisms are presented as one of the possible solutions in the new Cybersecurity Guidebook for Cyber-Physical Vehicle Systems (SAE-J3061). In this chapter, we propose to use graph transformation to formally model the car architecture and its state evolution in order to study cyber-physical attacks against it. The resulting attacks are converted into attack trees, which are used to estimate the overall risk of the system. Consequently, it becomes possible to study improvements while building a more secure architecture. The proposed method is designed to support the conceptual phase of the vehicle’s cyber-physical system. We illustrate the method on a small pedagogical example to show how it is possible to prove its efficiency.
Copyright information
© 2018 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Karray, K., Danger, JL., Guilley, S., Abdelaziz Elaabid, M. (2018). Attack Tree Construction and Its Application to the Connected Vehicle. In: Koç, Ç.K. (eds) Cyber-Physical Systems Security. Springer, Cham. https://doi.org/10.1007/978-3-319-98935-8_9
DOI: https://doi.org/10.1007/978-3-319-98935-8_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-98934-1
Online ISBN: 978-3-319-98935-8
eBook Packages: Computer Science, Computer Science (R0)