Artur Hermann, Natasa Trkulja (Ulm University - Institute of Distributed Systems), Anderson Ramon Ferraz de Lucena, Alexander Kiening (DENSO AUTOMOTIVE Deutschland GmbH), Ana Petrovska (Huawei Technologies), Frank Kargl (Ulm University - Institute of Distributed Systems)

Future vehicles will run safety-critical applications that rely on data from entities within and outside the vehicle. Malicious manipulation of this data can lead to safety incidents. In our work, we propose a Trust Assessment Framework (TAF) that allows a component in a vehicle to assess whether it can trust the provided data. Based on a logic framework called Subjective Logic, the TAF determines a trust opinion for all components involved in processing or forwarding a data item. One particular challenge in this approach is the appropriate quantification of trust. To this end, we propose to derive trust opinions for electronic control units (ECUs) in an in-vehicle network based on the security controls implemented in the ECU, such as secure boot. We apply a Threat Analysis and Risk Assessment (TARA) to assess security controls at design time and use run time information to calculate associated trust opinions. The feasibility of the proposed concept is showcased using an in-vehicle application with two different scenarios. Based on the initial results presented in this paper, we see an indication that a trust assessment based on quantifying security controls represents a reasonable approach to provide trust opinions for a TAF.

View More Papers

dRR: A Decentralized, Scalable, and Auditable Architecture for RPKI...

Yingying Su (Tsinghua university), Dan Li (Tsinghua university), Li Chen (Zhongguancun Laboratory), Qi Li (Tsinghua university), Sitong Ling (Tsinghua University)

Read More

LDR: Secure and Efficient Linux Driver Runtime for Embedded...

Huaiyu Yan (Southeast University), Zhen Ling (Southeast University), Haobo Li (Southeast University), Lan Luo (Anhui University of Technology), Xinhui Shao (Southeast University), Kai Dong (Southeast University), Ping Jiang (Southeast University), Ming Yang (Southeast University), Junzhou Luo (Southeast University, Nanjing, P.R. China), Xinwen Fu (University of Massachusetts Lowell)

Read More

Evaluating Disassembly Ground Truth Through Dynamic Tracing (abstract)

Lambang Akbar (National University of Singapore), Yuancheng Jiang (National University of Singapore), Roland H.C. Yap (National University of Singapore), Zhenkai Liang (National University of Singapore), Zhuohao Liu (National University of Singapore)

Read More

An Experimental Study on Attacking Homogeneous Averaging Processes via...

Olsan Ozbay (Dept. ECE, University of Maryland), Yuntao Liu (ISR, University of Maryland), Ankur Srivastava (Dept. ECE, ISR, University of Maryland)

Read More