SaSeVAL: A Safety/Security-Aware Approach for Validation of Safety-Critical SystemsShow others and affiliations
2021 (English)In: 7th International Workshop on Safety and Security of Intelligent Vehicles (SSIV+ 2021, held in conjunction with DSN2021), IEEE conference proceedings, 2021Conference paper, Published paper (Refereed)
Abstract [en]
Increasing communication and self-driving capabilities for road vehicles lead to threats which could potentially be exploited by attackers. Especially attacks leading to safety violations have to be identified to address them by appropriate measures. The impact of an attack depends on the threat exploited, potential countermeasures and the traffic situation. In order to identify such attacks and to use them for testing, we propose the systematic approach SaSeVAL for deriving attacks of autonomous vehicles.
SaSeVAL is based on threats identification and safety-security analysis. The impact of automotive use cases to attacks is considered. The threat identification considers the attack interface of vehicles and classifies threat scenarios according to threat types, which are then mapped to attack types. The safety-security analysis identifies the necessary requirements which have to be tested based on the architecture of the system under test. It determines which safety impact a security violation may have, and in which traffic situations the highest impact is expected. Finally, the results of threat identification and safety-security analysis are used to describe attacks.
The goal of SaSeVAL is to achieve safety validation of the vehicle w.r.t. security concerns. It traces safety goals to threats and to attacks explicitly. Hence, the coverage of safety concerns by security testing is assured. Two use cases of vehicle communication and autonomous driving are investigated to prove the applicability of the approach.
Place, publisher, year, edition, pages
IEEE conference proceedings, 2021.
Keywords [en]
safety, security testing, attack description, threats, threat library, risk assessment
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ri:diva-55457OAI: oai:DiVA.org:ri-55457DiVA, id: diva2:1579854
Conference
7th International Workshop on Safety and Security of Intelligent Vehicles (SSIV+ 2021, held in conjunction with DSN2021)
Projects
SECREDAS
Funder
EU, Horizon 2020, 7831192021-07-122021-07-122023-04-28Bibliographically approved