Enhancing the Security of Automotive Systems Using Attackability Index

Security risk analysis and quantification for automotive systems is a challenging task. This challenge is exacerbated when physical systems are integrated with computation and communication networks to form Cyber-Physical Systems (CPS). The complexity arises from the multitude of attack possibilitie...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on intelligent vehicles 2024-01, Vol.9 (1), p.315-327
Main Authors: Renganathan, Vishnu, Ahmed, Qadeer, Jung, Daniel
Format: Article
Language:English
Subjects:
Actuators
Automotive engineering
Communication networks
Computer networks
Cyber-Physical systems
Cybersecurity
Dynamic models
Dynamical systems
Indexes
Nonlinear dynamics
Placement
Redundancy
Risk analysis
Safety
Security
security quantification
Sensor systems
Sensors
structural model
Structural models
System dynamics
vehicular cybersecurity
Vulnerability analysis
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Security risk analysis and quantification for automotive systems is a challenging task. This challenge is exacerbated when physical systems are integrated with computation and communication networks to form Cyber-Physical Systems (CPS). The complexity arises from the multitude of attack possibilities within the overall system. This work proposes an attack index based on redundancy in the system and the computational sequence of residual generators. This work considers a nonlinear dynamic model of an automotive system with a communication network. The approach involves using system dynamics to model attack vectors, which are based on the vulnerabilities in the system that are exploited through open network components (like On-Board-Diagnosis (OBD-II)), network segmentation (due to improper gateway implementation), and sensors that are susceptible to adversarial attacks. The redundant and non-redundant parts of the system are identified by considering the sensor configuration and unknown variables. Then, an attack index is derived by analyzing the placement of attack vectors in relation to the redundant and non-redundant parts, using the canonical decomposition of the structural model. The security implications of the residuals are determined by analyzing the computational sequence and the placement of the sensors. Thus, this work promotes the notion of security by design by proposing sensor placement strategies to enhance the overall security index. Finally, it is verified how the proposed attack index and its analysis could be used to enhance automotive security using Model-In-Loop (MIL) simulations.
ISSN:2379-8858
2379-8904
2379-8904
DOI:10.1109/TIV.2023.3332006