A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061

Marco Steger; Michael Karner; Joachim Hillebrand; Werner Rom; Kay Uwe Römer

A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061

Marco Steger, Michael Karner, Joachim Hillebrand, Werner Rom, Kay Uwe Römer

Institute of Technical Informatics (4480)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.

In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.

Original language	English
Title of host publication	CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems
Pages	1-6
Number of pages	6
Publication status	Published - 11 Apr 2016
Event	CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems - Vienna, Austria Duration: 11 Apr 2016 → 11 Apr 2016

Workshop

Workshop	CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems
Country/Territory	Austria
City	Vienna
Period	11/04/16 → 11/04/16

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Experimental
Application

Cite this

A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. / Steger, Marco; Karner, Michael; Hillebrand, Joachim et al.
CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. 2016. p. 1-6.

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Steger, M, Karner, M, Hillebrand, J, Rom, W & Römer, KU 2016, A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061. in CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems. pp. 1-6, CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems, Vienna, Austria, 11/04/16.

@inproceedings{01c0a97187c74f8c98d438a3757f0278,

title = "A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061",

abstract = "The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.",

keywords = "Cyber Physical Systems, Security",

author = "Marco Steger and Michael Karner and Joachim Hillebrand and Werner Rom and R{\"o}mer, {Kay Uwe}",

year = "2016",

month = apr,

day = "11",

language = "English",

pages = "1--6",

booktitle = "CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems",

note = "CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems ; Conference date: 11-04-2016 Through 11-04-2016",

}

TY - GEN

T1 - A Security Metric for Structured Security Analysis of Cyber-Physical Systems Supporting SAE J3061

AU - Steger, Marco

AU - Karner, Michael

AU - Hillebrand, Joachim

AU - Rom, Werner

AU - Römer, Kay Uwe

PY - 2016/4/11

Y1 - 2016/4/11

N2 - The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.

AB - The complexity in modern vehicles has increased dramatically during the last years due to new features and applications. Modern vehicles are connected to the internet as well as the other vehicles in close proximity and the environment to offer different novel comfort services and safety related applications. Enabling such services and applications requires wireless interfaces to the vehicle and therefore leads to open interfaces to the outside world. Attackers can use those interfaces to impair the privacy of the vehicle owner or to take control (of parts of) the vehicle, which strongly endangers the safety of the passengers as well as other road users. To avoid such attacks and to ensure the safety of modern vehicles, sophisticated structured processes and methods are needed.In this paper we propose a security metric to analyse cyber-physical systems in a structured way. Its application leads to a secure system configuration with comparable as well as reusable results. Additionally, the security metric can be used to support the conceptual phase specified in the new SAE security standard SAE J3061. A case study has been carried out to illustrate the application of the security metric.

KW - Cyber Physical Systems

KW - Security

M3 - Conference paper

SP - 1

EP - 6

BT - CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems

T2 - CPS Data – Second International Workshop on modeling, analysis and control of complex Cyber-Physical Systems

Y2 - 11 April 2016 through 11 April 2016

ER -