Enhancement of Automotive Penetration Testing with Threat Analyses Results

Journal Article

11-01-02-0005

ISSN: 2572-1046, e-ISSN: 2572-1054

DOI: https://doi.org/10.4271/11-01-02-0005

Published November 02, 2018 by SAE International in United States

Enhancement of Automotive Penetration Testing with Threat Analyses Results

Sector:

Automotive

Topic:

Citation: Dürrwang, J., Braun, J., Rumez, M., Kriesten, R. et al., "Enhancement of Automotive Penetration Testing with Threat Analyses Results," SAE Int. J. Transp. Cyber. & Privacy 1(2):91-112, 2018, https://doi.org/10.4271/11-01-02-0005.

Language: English

Abstract:

In this work, we present an approach to support penetration tests by combining safety and security analyses to enhance automotive security testing. Our approach includes a new way to combine safety and threat analyses to derive possible test cases. We reuse outcomes of a performed safety analysis as the input for a threat analysis. We show systematically how to derive test cases, and we present the applicability of our approach by deriving and performing test cases for a penetration test of an automotive electronic control unit (ECU). Therefore, we selected an airbag control unit due to its safety-critical functionality. During the penetration test, the selected control unit was installed on a test bench, and we were able to successfully exploit a discovered vulnerability, causing the detonation of airbags.

Technical Paper	Hardware/Software Co-Design of an Automotive Embedded Firewall
Ground Vehicle Standard	V2X Communications Message Set Dictionary
Technical Paper	Model Based Development of Automotive Human Machine Interfaces

Citation
	(MAC / WIN)
	(MAC / WIN)
	(MAC / WIN)
	(MAC / WIN)

File Format:	Number of Results:
Select Fields to Export
Item Number	Content Type
Title	Author(s)
Affiliation(s)	Publisher
Publish Date	Abstract/scope
Citation	DOI

Enhancement of Automotive Penetration Testing with Threat Analyses Results

Abstract:

Recommended Content