Abstract
Modern vehicles consist of a large number of electronic information technology components, which communicate with each other and external components. To protect vehicles against security attacks, automotive-specific standards and regulations require an integration of security concepts and measures in vehicles. Security testing techniques, such as penetration tests, are used to verify and validate those measures. However, these methods are usually carried out manually in late phases of development. Thus, identified vulnerabilities can only be eliminated at a late stage leading to a high investment of time and resources. This paper presents a model-based security testing approach which aims to enable security tests early on in the vehicle development process in an automated way. This allows vulnerabilities to be identified and eliminated at an early stage during development. Therefore, we show our concept to create a security model based on a vehicle network. This model can be used to automatically derive attack paths for security testing. We further illustrate our approach by applying it to a real-world vehicle network.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
