A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity

Kacper Jakub Sowka; Vasile Palade; Hesam Jadidbonab; Paul Wooderson; Hoang Nga Nguyen

doi:10.1007/978-981-99-2115-7_7

A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity

Kacper Jakub Sowka, Vasile Palade, Hesam Jadidbonab, Paul Wooderson, Hoang Nga Nguyen

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

A comprehensive cybersecurity evaluation of automotive on-board networks has become a crucial antecedent to the commercial distribution of vehicles. However, the means to perform the required testing and risk assessment are limited due to the complex and increasingly obscure nature of automotive systems. To rectify this, several approaches have been put forward to systematise and automate the process of evaluating cybersecurity in vehicular systems, but these still require a significant amount of expert input. Accordingly, this work evaluates the existing state of the art in attack tree generation as a means towards automation and systematisation of automotive cybersecurity assurance in addition to considering the potential of novel machine learning methods in pursuing further automation.

Original language	English
Title of host publication	Artificial Intelligence and Cyber Security in Industry 4.0
Editors	Velliangiri Sarveshwaran, Joy Iong-Zong Chen, Danilo Pelusi
Publisher	Springer, Singapore
Chapter	7
Pages	165-193
Number of pages	29
Edition	1
ISBN (Electronic)	9789819921157
ISBN (Print)	9789819921140, 9789819921171
DOIs	https://doi.org/10.1007/978-981-99-2115-7_7
Publication status	Published - 14 Jun 2023

Publication series

Name	Advanced Technologies and Societal Change
Publisher	Springer
ISSN (Print)	2191-6853
ISSN (Electronic)	2191-6861

Bibliographical note

Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders.

Keywords

Attack trees
Automotive cybersecurity
Attack tree generation
Threat modelling
Artificial Intelligence

Access to Document

10.1007/978-981-99-2115-7_7Licence: Unspecified

Sowka2023AAMAccepted author manuscript, 788 KB

Cite this

Sowka, K. J., Palade, V., Jadidbonab, H., Wooderson, P., & Nguyen, H. N. (2023). A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity. In V. Sarveshwaran, J. I.-Z. Chen, & D. Pelusi (Eds.), Artificial Intelligence and Cyber Security in Industry 4.0 (1 ed., pp. 165-193). (Advanced Technologies and Societal Change). Springer, Singapore. https://doi.org/10.1007/978-981-99-2115-7_7

A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity. / Sowka, Kacper Jakub; Palade, Vasile ; Jadidbonab, Hesam et al.
Artificial Intelligence and Cyber Security in Industry 4.0 . ed. / Velliangiri Sarveshwaran; Joy Iong-Zong Chen; Danilo Pelusi. 1. ed. Springer, Singapore, 2023. p. 165-193 (Advanced Technologies and Societal Change).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Sowka, KJ, Palade, V , Jadidbonab, H, Wooderson, P & Nguyen, HN 2023, A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity. in V Sarveshwaran, JI-Z Chen & D Pelusi (eds), Artificial Intelligence and Cyber Security in Industry 4.0 . 1 edn, Advanced Technologies and Societal Change, Springer, Singapore, pp. 165-193. https://doi.org/10.1007/978-981-99-2115-7_7

Sowka KJ, Palade V , Jadidbonab H, Wooderson P, Nguyen HN. A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity. In Sarveshwaran V, Chen JIZ, Pelusi D, editors, Artificial Intelligence and Cyber Security in Industry 4.0 . 1 ed. Springer, Singapore. 2023. p. 165-193. (Advanced Technologies and Societal Change). Epub 2023 Jun 13. doi: 10.1007/978-981-99-2115-7_7

Sowka, Kacper Jakub ; Palade, Vasile ; Jadidbonab, Hesam et al. / A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity. Artificial Intelligence and Cyber Security in Industry 4.0 . editor / Velliangiri Sarveshwaran ; Joy Iong-Zong Chen ; Danilo Pelusi. 1. ed. Springer, Singapore, 2023. pp. 165-193 (Advanced Technologies and Societal Change).

@inbook{b7ae7cd0f10c48c68e9b54d302ef78d7,

title = "A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity",

abstract = "A comprehensive cybersecurity evaluation of automotive on-board networks has become a crucial antecedent to the commercial distribution of vehicles. However, the means to perform the required testing and risk assessment are limited due to the complex and increasingly obscure nature of automotive systems. To rectify this, several approaches have been put forward to systematise and automate the process of evaluating cybersecurity in vehicular systems, but these still require a significant amount of expert input. Accordingly, this work evaluates the existing state of the art in attack tree generation as a means towards automation and systematisation of automotive cybersecurity assurance in addition to considering the potential of novel machine learning methods in pursuing further automation.",

keywords = "Attack trees, Automotive cybersecurity, Attack tree generation, Threat modelling, Artificial Intelligence",

author = "Sowka, {Kacper Jakub} and Vasile Palade and Hesam Jadidbonab and Paul Wooderson and Nguyen, {Hoang Nga}",

note = "Copyright {\textcopyright} and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders. ",

year = "2023",

month = jun,

day = "14",

doi = "10.1007/978-981-99-2115-7_7",

language = "English",

isbn = "9789819921140",

series = "Advanced Technologies and Societal Change",

publisher = "Springer, Singapore",

pages = "165--193",

editor = "Velliangiri Sarveshwaran and Chen, {Joy Iong-Zong} and Danilo Pelusi",

booktitle = "Artificial Intelligence and Cyber Security in Industry 4.0",

edition = "1",

}

TY - CHAP

T1 - A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity

AU - Sowka, Kacper Jakub

AU - Palade, Vasile

AU - Jadidbonab, Hesam

AU - Wooderson, Paul

AU - Nguyen, Hoang Nga

N1 - Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders.

PY - 2023/6/14

Y1 - 2023/6/14

N2 - A comprehensive cybersecurity evaluation of automotive on-board networks has become a crucial antecedent to the commercial distribution of vehicles. However, the means to perform the required testing and risk assessment are limited due to the complex and increasingly obscure nature of automotive systems. To rectify this, several approaches have been put forward to systematise and automate the process of evaluating cybersecurity in vehicular systems, but these still require a significant amount of expert input. Accordingly, this work evaluates the existing state of the art in attack tree generation as a means towards automation and systematisation of automotive cybersecurity assurance in addition to considering the potential of novel machine learning methods in pursuing further automation.

AB - A comprehensive cybersecurity evaluation of automotive on-board networks has become a crucial antecedent to the commercial distribution of vehicles. However, the means to perform the required testing and risk assessment are limited due to the complex and increasingly obscure nature of automotive systems. To rectify this, several approaches have been put forward to systematise and automate the process of evaluating cybersecurity in vehicular systems, but these still require a significant amount of expert input. Accordingly, this work evaluates the existing state of the art in attack tree generation as a means towards automation and systematisation of automotive cybersecurity assurance in addition to considering the potential of novel machine learning methods in pursuing further automation.

KW - Attack trees

KW - Automotive cybersecurity

KW - Attack tree generation

KW - Threat modelling

KW - Artificial Intelligence

U2 - 10.1007/978-981-99-2115-7_7

DO - 10.1007/978-981-99-2115-7_7

M3 - Chapter

SN - 9789819921140

SN - 9789819921171

T3 - Advanced Technologies and Societal Change

SP - 165

EP - 193

BT - Artificial Intelligence and Cyber Security in Industry 4.0

A2 - Sarveshwaran, Velliangiri

A2 - Chen, Joy Iong-Zong

A2 - Pelusi, Danilo

PB - Springer, Singapore

ER -

A Review on Automatic Generation of Attack Trees and Its Application to Automotive Cybersecurity

Abstract

Publication series

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this