{"title":"基于模型的车辆网络安全测试","authors":"Florian Sommer, R. Kriesten, F. Kargl","doi":"10.1109/CSCI54926.2021.00179","DOIUrl":null,"url":null,"abstract":"Modern vehicles consist of a large number of electronic information technology components, which communicate with each other and external components. To protect vehicles against security attacks, automotive-specific standards and regulations require an integration of security concepts and measures in vehicles. Security testing techniques, such as penetration tests, are used to verify and validate those measures. However, these methods are usually carried out manually in late phases of development. Thus, identified vulnerabilities can only be eliminated at a late stage leading to a high investment of time and resources. This paper presents a model-based security testing approach which aims to enable security tests early on in the vehicle development process in an automated way. This allows vulnerabilities to be identified and eliminated at an early stage during development. Therefore, we show our concept to create a security model based on a vehicle network. This model can be used to automatically derive attack paths for security testing. We further illustrate our approach by applying it to a real-world vehicle network.","PeriodicalId":206881,"journal":{"name":"2021 International Conference on Computational Science and Computational Intelligence (CSCI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Model-Based Security Testing of Vehicle Networks\",\"authors\":\"Florian Sommer, R. Kriesten, F. Kargl\",\"doi\":\"10.1109/CSCI54926.2021.00179\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern vehicles consist of a large number of electronic information technology components, which communicate with each other and external components. To protect vehicles against security attacks, automotive-specific standards and regulations require an integration of security concepts and measures in vehicles. Security testing techniques, such as penetration tests, are used to verify and validate those measures. However, these methods are usually carried out manually in late phases of development. Thus, identified vulnerabilities can only be eliminated at a late stage leading to a high investment of time and resources. This paper presents a model-based security testing approach which aims to enable security tests early on in the vehicle development process in an automated way. This allows vulnerabilities to be identified and eliminated at an early stage during development. Therefore, we show our concept to create a security model based on a vehicle network. This model can be used to automatically derive attack paths for security testing. We further illustrate our approach by applying it to a real-world vehicle network.\",\"PeriodicalId\":206881,\"journal\":{\"name\":\"2021 International Conference on Computational Science and Computational Intelligence (CSCI)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Computational Science and Computational Intelligence (CSCI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCI54926.2021.00179\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Computational Science and Computational Intelligence (CSCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCI54926.2021.00179","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Modern vehicles consist of a large number of electronic information technology components, which communicate with each other and external components. To protect vehicles against security attacks, automotive-specific standards and regulations require an integration of security concepts and measures in vehicles. Security testing techniques, such as penetration tests, are used to verify and validate those measures. However, these methods are usually carried out manually in late phases of development. Thus, identified vulnerabilities can only be eliminated at a late stage leading to a high investment of time and resources. This paper presents a model-based security testing approach which aims to enable security tests early on in the vehicle development process in an automated way. This allows vulnerabilities to be identified and eliminated at an early stage during development. Therefore, we show our concept to create a security model based on a vehicle network. This model can be used to automatically derive attack paths for security testing. We further illustrate our approach by applying it to a real-world vehicle network.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
