Artur Hermann, Natasa Trkulja (Ulm University - Institute of Distributed Systems), Anderson Ramon Ferraz de Lucena, Alexander Kiening (DENSO AUTOMOTIVE Deutschland GmbH), Ana Petrovska (Huawei Technologies), Frank Kargl (Ulm University - Institute of Distributed Systems)

Future vehicles will run safety-critical applications that rely on data from entities within and outside the vehicle. Malicious manipulation of this data can lead to safety incidents. In our work, we propose a Trust Assessment Framework (TAF) that allows a component in a vehicle to assess whether it can trust the provided data. Based on a logic framework called Subjective Logic, the TAF determines a trust opinion for all components involved in processing or forwarding a data item. One particular challenge in this approach is the appropriate quantification of trust. To this end, we propose to derive trust opinions for electronic control units (ECUs) in an in-vehicle network based on the security controls implemented in the ECU, such as secure boot. We apply a Threat Analysis and Risk Assessment (TARA) to assess security controls at design time and use run time information to calculate associated trust opinions. The feasibility of the proposed concept is showcased using an in-vehicle application with two different scenarios. Based on the initial results presented in this paper, we see an indication that a trust assessment based on quantifying security controls represents a reasonable approach to provide trust opinions for a TAF.

View More Papers

A Comparative Analysis of Difficulty Between Log and Graph-Based...

Matt Jansen, Rakesh Bobba, Dave Nevin (Oregon State University)

Read More

Information Based Heavy Hitters for Real-Time DNS Data Exfiltration...

Yarin Ozery (Ben-Gurion University of the Negev, Akamai Technologies inc.), Asaf Nadler (Ben-Gurion University of the Negev), Asaf Shabtai (Ben-Gurion University of the Negev)

Read More

WIP: Towards a Certifiably Robust Defense for Multi-label Classifiers...

Dennis Jacob, Chong Xiang, Prateek Mittal (Princeton University)

Read More

ActiveDaemon: Unconscious DNN Dormancy and Waking Up via User-specific...

Ge Ren (Shanghai Jiao Tong University), Gaolei Li (Shanghai Jiao Tong University), Shenghong Li (Shanghai Jiao Tong University), Libo Chen (Shanghai Jiao Tong University), Kui Ren (Zhejiang University)

Read More