Publications (10 of 16)
Malik, M., Aramrattana, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2023). Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks. In: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC. Paper presented at 28th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2023. Singapore. 24 October 2023 through 27 October 2023 (pp. 23-29). IEEE Computer Society
2023 (English). In: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC, IEEE Computer Society, 2023, pp. 23-29. Conference paper, Published paper (Refereed)
Abstract [en]

A remotely operated road vehicle (RORV) refers to a vehicle operated wirelessly from a remote location. In this paper, we report results from an evaluation of two safety mechanisms: safe braking and disconnection. These safety mechanisms are included in the control software for RORV developed by Roboauto, an intelligent mobility solutions provider. The safety mechanisms monitor the communication system to detect packet transmission delays, lost messages, and outages caused by naturally occurring interference as well as denial-of-service (DoS) attacks. When the delay in the communication channel exceeds certain threshold values, the safety mechanisms are to initiate control actions to reduce the vehicle speed or stop the affected vehicle safely as soon as possible. To evaluate the effectiveness of the safety mechanisms, we exposed the vehicle control software to various communication failures using a software-in-the-loop (SIL) testing environment developed specifically for this study. Our results show that the safety mechanisms behaved correctly for a vast majority of the simulated communication failures. However, in a few cases, we noted that the safety mechanisms were triggered incorrectly, either too early or too late, according to the system specification. 

Place, publisher, year, edition, pages
IEEE Computer Society, 2023
Keywords
Control system synthesis; Denial-of-service attack; Failure (mechanical); Remote control; Safety engineering; Software testing; Vehicle to vehicle communications; Vehicle transmissions; Communication failure; Control software; Denial-of-service attacks; Remote location; Remotely operated road vehicle; Road vehicles; Safety mechanisms; Software in the loops; Software-in-the-loop testing; Transmission delays; Specifications
National Category
Mechanical Engineering
Identifiers
urn:nbn:se:ri:diva-70583 (URN); 10.1109/PRDC59308.2023.00012 (DOI); 2-s2.0-85182390657 (Scopus ID)
Conference
28th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2023. Singapore. 24 October 2023 through 27 October 2023
Note

This work was supported by VALU3S project, which has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 876852. We also would like to express our sincere gratitude to Stepan Karásek and Beata Davidová from Roboauto, who provided us with invaluable support to test their system in the simulation environment.

Available from: 2024-01-22 Created: 2024-01-22 Last updated: 2024-01-22. Bibliographically approved
Malik, M., Aramrattana, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2023). Simulation-based Evaluation of a Remotely Operated Road Vehicle under Transmission Delays and Denial-of-Service Attacks. In: 28th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2023). Paper presented at Pacific Rim International Symposium on Dependable Computing. IEEE conference proceedings
2023 (English). In: 28th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2023), IEEE conference proceedings, 2023. Conference paper, Published paper (Other academic)
Abstract [en]

A remotely operated road vehicle (RORV) refers to a vehicle operated wirelessly from a remote location. In this paper, we report results from an evaluation of two safety mechanisms: safe braking and disconnection. These safety mechanisms are included in the control software for RORV developed by Roboauto, an intelligent mobility solutions provider. The safety mechanisms monitor the communication system to detect packet transmission delays, lost messages, and outages caused by naturally occurring interference as well as denial-of-service (DoS) attacks. When the delay in the communication channel exceeds certain threshold values, the safety mechanisms are to initiate control actions to reduce the vehicle speed or stop the affected vehicle safely as soon as possible. To evaluate the effectiveness of the safety mechanisms, we exposed the vehicle control software to various communication failures using a software-in-the-loop (SIL) testing environment developed specifically for this study. Our results show that the safety mechanisms behaved correctly for a vast majority of the simulated communication failures. However, in a few cases, we noted that the safety mechanisms were triggered incorrectly, either too early or too late, according to the system specification.

Place, publisher, year, edition, pages
IEEE conference proceedings, 2023
Keywords
remotely operated road vehicle (RORV), communication failures, denial-of-service (DoS) attacks, safety mechanisms, software-in-the-loop (SIL) testing
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-67577 (URN)
Conference
Pacific Rim International Symposium on Dependable Computing
Available from: 2023-10-31 Created: 2023-10-31 Last updated: 2024-02-06. Bibliographically approved
Kleberger, P., Folkesson, P. & Sangchoolie, B. (2022). An Integrated Safety and Cybersecurity Resilience Framework for the Automotive Domain. Paper presented at 7th International Workshop on Critical Automotive Applications: Robustness & Safety. HAL
2022 (English). Conference paper, Published paper (Other academic)
Abstract [en]

As vehicles become more and more connected with their surroundings and utilize an increasing number of services, they also become more exposed to threats as the attack surface increases. With increasing attack surfaces and continuing challenges of eliminating vulnerabilities, vehicles need to be designed to work even under malicious activities, i.e., under attacks. In this paper, we present a resilience framework that integrates analysis of safety and cybersecurity mechanisms. We also integrate resilience for safety and cybersecurity into the fault – error – failure chain. The framework is useful for analyzing the propagation of faults and attacks between different system layers. This facilitates identification of adequate resilience mechanisms at different system layers as well as deriving suitable test cases for verification and validation of system resilience using fault and attack injection.

Place, publisher, year, edition, pages
HAL, 2022
Keywords
automotive, cybersecurity, safety, resilience, framework
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-59793 (URN)
Conference
7th International Workshop on Critical Automotive Applications: Robustness & Safety
Available from: 2022-07-11 Created: 2022-07-11 Last updated: 2023-06-07. Bibliographically approved
Thorsén, A., Sangchoolie, B., Folkesson, P. & Strandberg, T. (2022). Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids. Paper presented at CSG 2022: 16. International Conference on Smart Grids January 28-29, 2022 in Dubai, United Arab Emirates.
2022 (English). Conference paper, Published paper (Refereed)
Abstract [en]

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment in order to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified in order to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords
Intelligent Distribution Grids, threat analysis, risk assessment, safety, cybersecurity
National Category
Computer Sciences
Identifiers
urn:nbn:se:ri:diva-57520 (URN)
Conference
CSG 2022: 16. International Conference on Smart Grids January 28-29, 2022 in Dubai, United Arab Emirates
Available from: 2022-01-03 Created: 2022-01-03 Last updated: 2024-04-11. Bibliographically approved
Thorsén, A., Sangchoolie, B., Folkesson, P. & Strandberg, T. (2022). Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids. World Academy of Science, Engineering and Technology International Journal of Energy and Power Engineering, 16(5), 69-76
2022 (English). In: World Academy of Science, Engineering and Technology International Journal of Energy and Power Engineering, Vol. 16, no. 5, pp. 69-76. Article in journal (Other academic). Published
Abstract [en]

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords
Intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity.
National Category
Mechanical Engineering
Identifiers
urn:nbn:se:ri:diva-59289 (URN)
Available from: 2022-05-25 Created: 2022-05-25 Last updated: 2024-04-11. Bibliographically approved
Malik, M., Maleki, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2022). ComFASE: A Tool for Evaluating the Effects of V2V Communication Faults and Attacks on Automated Vehicles. In: 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022). Paper presented at 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022). Jun 27, 2022 - Jun 30, 2022. Baltimore, Maryland, USA.
2022 (English). In: 52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022), 2022. Conference paper, Published paper (Refereed)
Abstract [en]

This paper presents ComFASE, a communication fault and attack simulation engine. ComFASE is used to identify and evaluate potentially dangerous behaviours of interconnected automated vehicles in the presence of faults and attacks in wireless vehicular networks. ComFASE is built on top of OMNET++ (a network simulator) and integrates SUMO (a traffic simulator) and Veins (a vehicular network simulator). The tool is flexible in modelling different types of faults and attacks and can be effectively used to study the interplay between safety and cybersecurity attributes by injecting cybersecurity attacks and evaluating their safety implications. To demonstrate the tool, we present results from a series of simulation experiments, where we injected delay and denial-of-service attacks on wireless messages exchanged between vehicles in a platooning application. The results show how different variants of attacks influence the platooning system in terms of collision incidents.

Keywords
attack injection, fault injection, simulation-based system, V2V communication, platooning, cybersecurity attack
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-59789 (URN)
Conference
52nd annual IEEE/IFIP international conference on dependable systems and networks (DSN2022). Jun 27, 2022 - Jun 30, 2022. Baltimore, Maryland, USA
Project
VALU3S
Available from: 2022-07-11 Created: 2022-07-11 Last updated: 2023-06-05. Bibliographically approved
Ferrari, E., Schlick, R., De la Vara, J. L., Folkesson, P. & Sangchoolie, B. (2022). Criteria for the Analysis of Gaps and Limitations of V&V Methods for Safety- and Security-Critical Systems. Paper presented at 17th International Workshop on Dependable Embedded Cyber-Physical Systems and Systems-of-Systems. Munich, Germany. 6-9 September 2022. Springer Berlin/Heidelberg
2022 (English). Conference paper, Published paper (Refereed)
Abstract [en]

As society increasingly relies on safety- and security-critical systems, the need for confirming their dependability becomes essential. Adequate V&V (verification and validation) methods must be employed, e.g., for system testing. When selecting and using the methods, it is important to analyze their possible gaps and limitations, such as scalability issues. However, and as we have experienced, common, explicitly defined criteria are seldom used for such analyses. This results in analyses that consider different aspects and to a different extent, hindering their comparison and thus the comparison of the V&V methods. As a solution, we present a set of criteria for the analysis of gaps and limitations of V&V methods for safety- and security-critical systems. The criteria have been identified in the scope of the VALU3S project. Sixty-two people from 33 organizations agreed upon the use of nine criteria: functionality, accuracy, scalability, deployment, learning curve, automation, reference environment, cost, and standards. Their use led to more homogeneous and more detailed analyses when compared to similar previous efforts. We argue that the proposed criteria can be helpful to others when having to deal with similar activities.

Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2022
Keywords
Verification & Validation, V&V method, Gaps, Limitations, Analysis criteria, Safety-critical systems, Security-critical systems
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-59792 (URN)
Conference
17th International Workshop on Dependable Embedded Cyber-Physical Systems and Systems-of-Systems. Munich, Germany. 6-9 September 2022
Project
VALU3S
Available from: 2022-07-11 Created: 2022-07-11 Last updated: 2023-06-05. Bibliographically approved
Maleki, M., Malik, M., Folkesson, P., Sangchoolie, B. & Karlsson, J. (2022). Modeling and Evaluating the Effects of Jamming Attacks on Connected Automated Road Vehicles. Paper presented at 27th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2022) November 28-December 1, 2022, Beijing, China (pp. 12).
2022 (English). Conference paper, Published paper (Refereed)
Abstract [en]

In this work, we evaluate the safety of a platoon of four vehicles under jamming attacks. The platooning application is provided by Plexe-veins, which is a cooperative driving framework, and the vehicles in the platoon are equipped with cooperative adaptive cruise control controllers to represent the vehicles’ behavior. The jamming attacks investigated are modeled by extending ComFASE (a Communication Fault and Attack Simulation Engine) and represent three real-world attacks, namely, destructive interference, barrage jamming, and deceptive jamming. The attacks are injected in the physical layer of the IEEE 802.11p communication protocol simulated in Veins (a vehicular network simulator). To evaluate the safety implications of the injected attacks, the experimental results are classified by using the deceleration profiles and collision incidents of the vehicles. The results of our experiments show that jamming attacks on the communication can jeopardize vehicle safety, causing emergency braking and collision incidents. Moreover, we describe the impact of different attack injection parameters (such as, attack start time, attack duration and attack value) on the behavior of the vehicles subjected to the attacks.

Keywords
attack injection, jamming, V2V communication, platooning, simulation-based system
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-61312 (URN)
Conference
27th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2022) November 28-December 1, 2022, Beijing, China
Project
VALU3S
Note

This work was supported by VALU3S project, which has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 876852. The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Austria, Czech Republic, Germany, Ireland, Italy, Portugal, Spain, Sweden, Turkey

Available from: 2022-12-02 Created: 2022-12-02 Last updated: 2023-06-05. Bibliographically approved
Folkesson, P., Sangchoolie, B., Kleberger, P. & Nowdehi, N. (2022). On the Evaluation of Three Pre-Injection Analysis Techniques for Model-Implemented Fault- and Attack Injection. In: IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC 2022). Paper presented at PRDC 2022 (pp. 130-140).
2022 (English). In: IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC 2022), 2022, pp. 130-140. Conference paper, Published paper (Refereed)
Abstract [en]

Fault- and attack injection are techniques used to measure dependability attributes of computer systems. An important property of such injectors is their efficiency that deals with the time and effort needed to explore the target system’s fault- or attack space. As this space is generally very large, techniques such as pre-injection analyses are used to effectively explore the space. In this paper, we study two such techniques that have been proposed in the past, namely inject-on-read and inject-on-write. Moreover, we propose a new technique called error space pruning of signals and evaluate its efficiency in reducing the space needed to be explored by fault and attack injection experiments. We implemented and integrated these techniques into MODIFI, a model-implemented fault and attack injector, which has been effectively used in the past to evaluate Simulink models in the presence of faults and attacks. To the best of our knowledge, we are the first to integrate these pre-injection analysis techniques into an injector that injects faults and attacks into Simulink models. The results of our evaluation on 11 vehicular Simulink models show that the error space pruning of signals reduce the attack space by about 30–43%, hence allowing the attack space to be exploited by fewer number of attack injection experiments. Using MODIFI, we then performed attack injection experiments on two of these vehicular Simulink models, a comfort control model and a brake-by-wire model, while elaborating on the results obtained

Keywords
fault injection, attack injection, cybersecurity testing, pre-injection analysis
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-61310 (URN); 10.1109/PRDC55274.2022.00027 (DOI); 978-1-6654-8555-5 (ISBN)
Conference
PRDC 2022
Available from: 2022-12-02 Created: 2022-12-02 Last updated: 2023-06-07. Bibliographically approved
Sangchoolie, B., Folkesson, P., Kleberger, P. & Vinter, J. (2020). Analysis of Cybersecurity Mechanisms with respect to Dependability and Security Attributes. In: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). Paper presented at Workshop on Safety and Security of Intelligent Vehicles.
2020 (English). In: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), 2020. Conference paper, Published paper (Refereed)
Abstract [en]

Embedded electronic systems need to be equipped with different types of security mechanisms to protect themselves and to mitigate the effects of cybersecurity attacks. These mechanisms should be evaluated with respect to their impacts on dependability and security attributes such as availability, reliability, safety, etc. The evaluation is of great importance as, e.g., a security mechanism should never violate the system safety. Therefore, in this paper, we evaluate a comprehensive set of security mechanisms consisting of 17 different types of mechanisms with respect to their impact on dependability and security attributes. The results show that, in general, the use of these mechanisms have positive effect on system dependability and security. However, there are at least three mechanisms that could have negative impacts on system dependability by violating safety and availability requirements. The results support our claim that the analyses such as the ones conducted in this paper are necessary when selecting and implementing an optimal set of safety and security mechanisms.

Keywords
safety, cybersecurity mechanism, privacy
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:ri:diva-47668 (URN); 10.1109/DSN-W50199.2020.00027 (DOI); 978-1-7281-7263-7 (ISBN); 978-1-7281-7264-4 (ISBN)
Conference
Workshop on Safety and Security of Intelligent Vehicles
Project
This research was partially supported by the Swedish VINNOVA FFI project “HoliSec: Holistic Approach to Improve Data Security” with diary number: 2015-06894; and the Swedish VINNOVA FFI project “CyReV I: Cyber Resilience for Vehicles” with diary number: 2018-05013.
Available from: 2020-08-31 Created: 2020-08-31 Last updated: 2023-06-07. Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-5224-9412