Abstract
Modern vehicles are susceptible to cybersecurity attacks due to the complexity of their electronics architecture and a progressive integration of connectivity technologies. A promising solution to resolve cybersecurity issues is Over-The-Air (OTA) updates. Recently, Uptane has been introduced and is currently considered as the de facto security standard for automotive OTA system solutions. To ensure that a system, Uptane, can deliver updates to secure a vehicle, the system itself must be secure as to not become an attack vector itself. To this end, we present a model-based security testing approach to OTA updates for automotive vehicles. This is done by modelling the OTA update system and the Dolev-Yao attackers in Communicating sequential processes (CSP). The combined models can be verified to generate security test cases and provide a comprehensive evaluation of attackers on the Uptane system.
Original language | English |
---|---|
Number of pages | 9 |
Publication status | Accepted/In press - 1 Nov 2021 |
Event | The 21st IEEE International Conference on Software Quality, Reliability, and Security - International Academic Exchange Center of Hainan University, Haikou, China Duration: 6 Dec 2021 → 10 Dec 2021 Conference number: 7 https://qrs21.techconf.org/ |
Conference
Conference | The 21st IEEE International Conference on Software Quality, Reliability, and Security |
---|---|
Abbreviated title | QRS2021 |
Country/Territory | China |
City | Haikou |
Period | 6/12/21 → 10/12/21 |
Internet address |
Keywords
- Automotive Cybersecurity
- Uptane
- CSP
- Automotive OTA
- Security Testing