Requirements for the automated generation of attack trees to support automotive cybersecurity assurance

Kacper Jakub Sowka, Luis Pedro Cobos Yelavives, Alastair R. Ruddle, Paul Wooderson

    Research output: Contribution to conferencePaperpeer-review

    1 Citation (Scopus)


    As the need for automotive assurance continues to grow, it becomes necessary to develop approaches which can provide assurance cases in a systematic and efficient manner. In the case of cybersecurity, this problem is exacerbated by the increasing complexity of vehicular onboard systems, their inherent obscurity due to their heterogenous architecture, emergent behaviours, and the disparate motivations and resources of potential threat agents. Furthermore, the advancement of connected autonomous vehicles (CAV) may allow external attackers to leverage the naïve trust ECUs have for adjacent devices to compromise the safety and security of the vehicle. To that end, there is an increased interest in automatically producing threat models such as attack trees, which usually rely on intensive expert driven construction or rudimentary formally defined processes, to identify potential threats to a vehicle. Therefore, this paper will explore the ways in which such an automated scheme could be applied for a practicable identification and analysis of potential attack paths. Although ISO/SAE 21434 recommends the development of an assurance case for cybersecurity, the precise nature of a cybersecurity case is not explicitly defined within the standard. Therefore, this paper also explores the combination of threat modelling techniques with assurance case techniques adapted from accepted practice in vehicle safety for functional safety (per ISO 26262) while taking into consideration the relevant standards...
    Original languageEnglish
    Number of pages15
    Publication statusPublished - 29 Mar 2022
    EventWCX SAE World Congress Experience - Detroit, United States
    Duration: 5 Apr 20227 Apr 2022


    ConferenceWCX SAE World Congress Experience
    Country/TerritoryUnited States
    Internet address


    • Security assurance
    • vehicle safety
    • Cybersecurity Case


    Dive into the research topics of 'Requirements for the automated generation of attack trees to support automotive cybersecurity assurance'. Together they form a unique fingerprint.

    Cite this