research-article

Verification of Integrity in Vehicle Architectures

Authors:
Christine Jakobs

TU Chemnitz, Chemnitz, Germany

TU Chemnitz, Chemnitz, Germany
View Profile

,
Billy Naumann

TU Chemnitz, Chemnitz, Germany

TU Chemnitz, Chemnitz, Germany
View Profile

,
Matthias Werner

TU Chemnitz, Chemnitz, Germany

TU Chemnitz, Chemnitz, Germany
View Profile

,
Karsten Schmidt

AUDI AG, Ingolstadt, Germany

AUDI AG, Ingolstadt, Germany
View Profile

NISS '20: Proceedings of the 3rd International Conference on Networking, Information Systems & SecurityMarch 2020Article No.: 64Pages 1–7https://doi.org/10.1145/3386723.3387883

Published:18 May 2020Publication History

NISS '20: Proceedings of the 3rd International Conference on Networking, Information Systems & Security

Pages 1–7

ABSTRACT

The draft version of ISO 21434 demands, among others, the verification of the car architecture with respect to the enforcement of the security goals. We present a distinct definition of integrity as a system property as well as a formal modeling and analysis approach to verify integrity in a given architecture. Thereby, we discuss the idea of integrity levels as well as security measure levels as metrics to represent a functions worthiness of protection and the reduction of risk, respectively. We present how the beneficence of security measures may be ranked for gaining the global security measure levels. We assign those levels to the system parts and interpret integrity as a global information flow problem. Formal properties enforce the relation between the integrity levels of a function and the assigned security measure level as well as between the communication links and the receiver functions. The relation between communication functions and functions in the same unit of isolation are enforced to follow the policy of no command-up.

References

Jason Andress. 2014. The basics of information security: understanding the fundamentals of lnfoSec in theory and practice. Syngress.Google Scholar
A. Avižienis, J. C. Laprie, B. Randell, and C. Landwehr. 2004. Basic Concepts and Taxonomy of Dependable and Secure Computing. IEEE Transactions on Dependable and Secure Computing 1, 1 (2004), 11--33. https://doi.org/10.1109/TDSC.2004.2Google ScholarDigital Library
D. Elliott Bell and Leonard J. LaPadula. 1976. Secure Computer System: Unified Exposition and Multics Interpretation:. Mitre Corporation. https://doi.org/10.21236/ADA023588Google Scholar
K. J. Biba. 1977. MTR-3153: Integrity Considerations for Secure Computer Systems.Google Scholar
David FC Brewer and Michael J Nash. 1989. The chinese wall security policy. In Proceedings. 1989 IEEE Symposium on Security and Privacy. IEEE, 206-214.Google ScholarCross Ref
David D Clark and David R Wilson. 1987. A comparison of commercial and military computer security policies. In 1987 IEEE Symposium on Security and Privacy. IEEE, 184-184.Google ScholarCross Ref
ISO. 2018. ISO 26262:2018 Road vehicles - Functional safety.Google Scholar
ISO. 2019. ISO 21434:2019 (draft) Road vehicles - Cybersecurity engineering.Google Scholar
ISO/IEC. 2018. ISO/IEC 27000:2018 Information technology - Security techniques - Information security management systems - Overview and vocabulary.Google Scholar
Tobias Jordan. 2018. How hardware security modules enable AUTOSAR. Website. https://www.embedded.com/design/safety-and-security/4460819/How-hardware-security-modules-enable-AUTOSAR; accessed 2019-05-25.Google Scholar
Leslie Lamport, Robert Shostak, and Marshall Pease. 1982. The Byzantine Generals Problem. ACM Transactions on Programming Languages and Systems (TOPLAS) 4, 3 (1982), 382--401.Google ScholarDigital Library
M. Müter and F. C. Freiling. 2010. Model-Based Security Evaluation of Vehicular Networking Architectures. In 2010 Ninth International Conference on Networks. 185--193. https://doi.org/10.1109/ICN.2010.38Google ScholarDigital Library
SAE International. 2016. J3061 - Cybersecurity Guidebook for Cyber-Physical Vehicle Systems.Google Scholar
E. Totel, J. Blanquart, Y. Deswarte, and D. Powell. 1998. Supporting multiple levels of criticality. In Digest of Papers. Twenty-Eighth Annual International Symposium on Fault-Tolerant Computing (Cat. No.98CB36224). 70--79. https://doi.org/10.1109/FTCS.1998.689456Google ScholarCross Ref

Recommendations

A practical alternative to domain and type enforcement integrity formal models
Inscrypt'06: Proceedings of the Second SKLOIS conference on Information Security and Cryptology

Much secure system policy development uses the DTE (Domain and Type Enforcement) model, but the DTE model cannot explicitly provide the security goals of the policy. The invariants of the only based-DTE integrity protection formal model are too complex ...
Read More
Permanent protection of information systems with method of automated security and integrity control
SIN '10: Proceedings of the 3rd international conference on Security of information and networks

Information security is very important nowadays. Every IT system needs protection mechanisms for stability and safety of work. To solve this task, there are proposed a variety of security-providing solutions, but most of them are very expensive and non-...
Read More
Securing the Integrity of Workflows in IoT
EWSN ’18: Proceedings of the 2018 International Conference on Embedded Wireless Systems and Networks

In a multi-tenant, self-configuring IoT system, entities -- devices, services or "things" -- might know each other or might be complete strangers. The different owners will probably have different security goals and will want to impose their own ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
NISS '20: Proceedings of the 3rd International Conference on Networking, Information Systems & Security
March 2020
528 pages
ISBN:9781450376341
DOI:10.1145/3386723
General Chairs:
Mohamed Ben Ahmed,
Anouar Abdelhakim Boudhir
Copyright © 2020 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 18 May 2020
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Formal methods
Information Flow
Integrity
Security
Qualifiers
- research-article
- Research
- Refereed limited
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 2
  Total Citations
  View Citations
- 102
  Total Downloads
- Downloads (Last 12 months)18
- Downloads (Last 6 weeks)3
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Verification of Integrity in Vehicle Architectures

NISS '20: Proceedings of the 3rd International Conference on Networking, Information Systems & Security

ABSTRACT

References

Cited By

Recommendations

A practical alternative to domain and type enforcement integrity formal models

Permanent protection of information systems with method of automated security and integrity control

Securing the Integrity of Workflows in IoT