A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.

In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.
LanguageEnglish
Title of host publicationCPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems
Pages1-6
Number of pages6
StatusPublished - 11 Apr 2016
EventCPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems - Vienna, Austria
Duration: 11 Apr 201611 Apr 2016

Workshop

WorkshopCPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems
CountryAustria
CityVienna
Period11/04/1611/04/16

Keywords

    Fields of Expertise

    • Information, Communication & Computing

    Treatment code (Nähere Zuordnung)

    • Experimental
    • Application

    Cite this

    Steger, M., Karner, M., Hillebrand, J., Rom, W., & Römer, K. U. (2016). A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. In CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems (pp. 1-6)

    A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. / Steger, Marco; Karner, Michael; Hillebrand, Joachim; Rom, Werner; Römer, Kay Uwe.

    CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. 2016. p. 1-6.

    Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

    Steger, M, Karner, M, Hillebrand, J, Rom, W & Römer, KU 2016, A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. in CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. pp. 1-6, CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems, Vienna, Austria, 11/04/16.
    Steger M, Karner M, Hillebrand J, Rom W, Römer KU. A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. In CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. 2016. p. 1-6.
    Steger, Marco ; Karner, Michael ; Hillebrand, Joachim ; Rom, Werner ; Römer, Kay Uwe. / A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. 2016. pp. 1-6
    @inproceedings{01c0a97187c74f8c98d438a3757f0278,
    title = "A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061",
    abstract = "The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.",
    keywords = "Cyber Physical Systems, Security",
    author = "Marco Steger and Michael Karner and Joachim Hillebrand and Werner Rom and R{\"o}mer, {Kay Uwe}",
    year = "2016",
    month = "4",
    day = "11",
    language = "English",
    pages = "1--6",
    booktitle = "CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems",

    }

    TY - GEN

    T1 - A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061

    AU - Steger,Marco

    AU - Karner,Michael

    AU - Hillebrand,Joachim

    AU - Rom,Werner

    AU - Römer,Kay Uwe

    PY - 2016/4/11

    Y1 - 2016/4/11

    N2 - The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.

    AB - The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.

    KW - Cyber Physical Systems

    KW - Security

    M3 - Conference contribution

    SP - 1

    EP - 6

    BT - CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems

    ER -