A Formal Model to Facilitate Security Testing in Modern Automotive Systems

Eduardo dos Santos
(Centre for Doctoral Training in Cyber Security, Department of Computer Science, University of Oxford, Oxford, United Kingdom)
Andrew Simpson
(Department of Computer Science, University of Oxford, Oxford, United Kingdom)
Dominik Schoop
(Esslingen University of Applied Sciences, Esslingen am Neckar, Germany)

Ensuring a car's internal systems are free from security vulnerabilities is of utmost importance, especially due to the relationship between security and other properties, such as safety and reliability. We provide the starting point for a model-based framework designed to support the security testing of modern cars. We use Communicating Sequential Processes (CSP) to create architectural models of the vehicle bus systems, as well as an initial set of attacks against these systems. While this contribution represents initial steps, we are mindful of the ultimate objective of generating test code to exercise the security of vehicle bus systems. We present the way forward from the models created and consider their potential integration with commercial engineering tools

In Régine Laleau, Dominique Méry, Shin Nakajima and Elena Troubitsyna: Proceedings Joint Workshop on Handling IMPlicit and EXplicit knowledge in formal system development (IMPEX) and Formal and Model-Driven Techniques for Developing Trustworthy Systems (FM&MDD) (IMPEX 2017 and FM&MDD 2017), Xi'An, China, 16th November 2017, Electronic Proceedings in Theoretical Computer Science 271, pp. 95–104.
Published: 12th May 2018.

ArXived at: http://dx.doi.org/10.4204/EPTCS.271.7 bibtex PDF
References in reconstructed bibtex, XML and HTML format (approximated).
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org