Artur Hermann, Natasa Trkulja (Ulm University - Institute of Distributed Systems), Anderson Ramon Ferraz de Lucena, Alexander Kiening (DENSO AUTOMOTIVE Deutschland GmbH), Ana Petrovska (Huawei Technologies), Frank Kargl (Ulm University - Institute of Distributed Systems)

Future vehicles will run safety-critical applications that rely on data from entities within and outside the vehicle. Malicious manipulation of this data can lead to safety incidents. In our work, we propose a Trust Assessment Framework (TAF) that allows a component in a vehicle to assess whether it can trust the provided data. Based on a logic framework called Subjective Logic, the TAF determines a trust opinion for all components involved in processing or forwarding a data item. One particular challenge in this approach is the appropriate quantification of trust. To this end, we propose to derive trust opinions for electronic control units (ECUs) in an in-vehicle network based on the security controls implemented in the ECU, such as secure boot. We apply a Threat Analysis and Risk Assessment (TARA) to assess security controls at design time and use run time information to calculate associated trust opinions. The feasibility of the proposed concept is showcased using an in-vehicle application with two different scenarios. Based on the initial results presented in this paper, we see an indication that a trust assessment based on quantifying security controls represents a reasonable approach to provide trust opinions for a TAF.

View More Papers

Secure Multiparty Computation of Threshold Signatures Made More Efficient

Harry W. H. Wong (The Chinese University of Hong Kong), Jack P. K. Ma (The Chinese University of Hong Kong), Sherman S. M. Chow (The Chinese University of Hong Kong)

Read More

TextGuard: Provable Defense against Backdoor Attacks on Text Classification

Hengzhi Pei (UIUC), Jinyuan Jia (UIUC, Penn State), Wenbo Guo (UC Berkeley, Purdue University), Bo Li (UIUC), Dawn Song (UC Berkeley)

Read More

Unus pro omnibus: Multi-Client Searchable Encryption via Access Control

Jiafan Wang (Data61, CSIRO), Sherman S. M. Chow (The Chinese University of Hong Kong)

Read More

A Preliminary Study on Using Large Language Models in...

Kumar Shashwat, Francis Hahn, Xinming Ou, Dmitry Goldgof, Jay Ligatti, Larrence Hall (University of South Florida), S. Raj Rajagoppalan (Resideo), Armin Ziaie Tabari (CipherArmor)

Read More