Journal article 259 views
Systematic Risk Characterisation of Hardware Threats to Automotive System
James Pickford 
,
Rasadhi Attale ,
Siraj Shaikh ,
Hoang Nguyen ,
Lee Harrison
,
Rasadhi Attale ,
Siraj Shaikh ,
Hoang Nguyen ,
Lee Harrison
ACM Journal on Autonomous Transportation Systems, Volume: 1, Issue: 4, Pages: 1 - 36
Swansea University Authors:
Siraj Shaikh , Hoang Nguyen
Full text not available from this repository: check for access using links below.
DOI (Published version): 10.1145/3661315
Abstract
The increasing dependence of modern automotive systems on electronics and software poses cybersecurity risks previously not factored into design and engineering of such systems. Attacks on hardware components, communication modules and embedded software – many of which are purposefully designed for...
| Published in: | ACM Journal on Autonomous Transportation Systems |
|---|---|
| ISSN: | 2833-0528 |
| Published: |
Association for Computing Machinery (ACM)
2024
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa66221 |
| first_indexed |
2024-04-30T13:01:38Z |
|---|---|
| last_indexed |
2024-11-25T14:17:43Z |
| id |
cronfa66221 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2024-10-16T11:55:25.6780269</datestamp><bib-version>v2</bib-version><id>66221</id><entry>2024-04-30</entry><title>Systematic Risk Characterisation of Hardware Threats to Automotive System</title><swanseaauthors><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>cb24d5c5080534dc5b5e3390f24dd422</sid><ORCID>0000-0003-0260-1697</ORCID><firstname>Hoang</firstname><surname>Nguyen</surname><name>Hoang Nguyen</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2024-04-30</date><deptcode>MACS</deptcode><abstract>The increasing dependence of modern automotive systems on electronics and software poses cybersecurity risks previously not factored into design and engineering of such systems. Attacks on hardware components, communication modules and embedded software – many of which are purposefully designed for automotive control and communications – are the key focus of this paper. We adopt a novel approach to characterise such attacks using Gajski-Kuhn Y-charts to represent attack manipulation across behavioural, structural and physical domains. Our selection of attacks is evidence-driven demonstrating threats that have been demonstrated to be feasible in the real-world. We then risk assess impact of such threats using the recently adopted ISO/SAE 21434 standard for automotive cybersecurity risk assessment, including mitigations for potential adoption. Our work serves to provide unique insights into the complex dynamic of hardware vulnerabilities and how the industry may address system-level security and protection of modern automotive platforms.</abstract><type>Journal Article</type><journal>ACM Journal on Autonomous Transportation Systems</journal><volume>1</volume><journalNumber>4</journalNumber><paginationStart>1</paginationStart><paginationEnd>36</paginationEnd><publisher>Association for Computing Machinery (ACM)</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint/><issnElectronic>2833-0528</issnElectronic><keywords>Automotive hardware security, automotive cybersecurity, threat analysis and risk assessment</keywords><publishedDay>9</publishedDay><publishedMonth>8</publishedMonth><publishedYear>2024</publishedYear><publishedDate>2024-08-09</publishedDate><doi>10.1145/3661315</doi><url/><notes/><college>COLLEGE NANME</college><department>Mathematics and Computer Science School</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>MACS</DepartmentCode><institution>Swansea University</institution><apcterm>SU Library paid the OA fee (TA Institutional Deal)</apcterm><funders>Contribution by Hoang Nga Nguyen and Siraj Shaikh has been supported by AutoCHERI (https://autocheri.tech/), (InnovateUK project reference 10018347), which is funded under the Digital Security by Design (DSbD) initiative addressing secure by design principles.</funders><projectreference/><lastEdited>2024-10-16T11:55:25.6780269</lastEdited><Created>2024-04-30T13:56:30.9438881</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>James</firstname><surname>Pickford</surname><orcid>0009-0000-9243-7397</orcid><order>1</order></author><author><firstname>Rasadhi</firstname><surname>Attale</surname><orcid>0009-0000-3285-8210</orcid><order>2</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>3</order></author><author><firstname>Hoang</firstname><surname>Nguyen</surname><orcid>0000-0003-0260-1697</orcid><order>4</order></author><author><firstname>Lee</firstname><surname>Harrison</surname><orcid>0009-0000-4690-1574</orcid><order>5</order></author></authors><documents><document><filename>66221__32609__4439ae6f82cd4edfb3c8cd07bcf6477b.pdf</filename><originalFilename>66221.VOR.pdf</originalFilename><uploaded>2024-10-16T10:25:29.1447382</uploaded><type>Output</type><contentLength>1452312</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>© 2024 Copyright held by the owner/author(s). This work is licensed under a Creative Commons Attribution International 4.0 License (CC BY 4.0).</documentNotes><copyrightCorrect>true</copyrightCorrect><language>eng</language><licence>https://creativecommons.org/licenses/by/4.0/</licence></document></documents><OutputDurs/></rfc1807> |
| spelling |
2024-10-16T11:55:25.6780269 v2 66221 2024-04-30 Systematic Risk Characterisation of Hardware Threats to Automotive System 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false cb24d5c5080534dc5b5e3390f24dd422 0000-0003-0260-1697 Hoang Nguyen Hoang Nguyen true false 2024-04-30 MACS The increasing dependence of modern automotive systems on electronics and software poses cybersecurity risks previously not factored into design and engineering of such systems. Attacks on hardware components, communication modules and embedded software – many of which are purposefully designed for automotive control and communications – are the key focus of this paper. We adopt a novel approach to characterise such attacks using Gajski-Kuhn Y-charts to represent attack manipulation across behavioural, structural and physical domains. Our selection of attacks is evidence-driven demonstrating threats that have been demonstrated to be feasible in the real-world. We then risk assess impact of such threats using the recently adopted ISO/SAE 21434 standard for automotive cybersecurity risk assessment, including mitigations for potential adoption. Our work serves to provide unique insights into the complex dynamic of hardware vulnerabilities and how the industry may address system-level security and protection of modern automotive platforms. Journal Article ACM Journal on Autonomous Transportation Systems 1 4 1 36 Association for Computing Machinery (ACM) 2833-0528 Automotive hardware security, automotive cybersecurity, threat analysis and risk assessment 9 8 2024 2024-08-09 10.1145/3661315 COLLEGE NANME Mathematics and Computer Science School COLLEGE CODE MACS Swansea University SU Library paid the OA fee (TA Institutional Deal) Contribution by Hoang Nga Nguyen and Siraj Shaikh has been supported by AutoCHERI (https://autocheri.tech/), (InnovateUK project reference 10018347), which is funded under the Digital Security by Design (DSbD) initiative addressing secure by design principles. 2024-10-16T11:55:25.6780269 2024-04-30T13:56:30.9438881 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science James Pickford 0009-0000-9243-7397 1 Rasadhi Attale 0009-0000-3285-8210 2 Siraj Shaikh 0000-0002-0726-3319 3 Hoang Nguyen 0000-0003-0260-1697 4 Lee Harrison 0009-0000-4690-1574 5 66221__32609__4439ae6f82cd4edfb3c8cd07bcf6477b.pdf 66221.VOR.pdf 2024-10-16T10:25:29.1447382 Output 1452312 application/pdf Version of Record true © 2024 Copyright held by the owner/author(s). This work is licensed under a Creative Commons Attribution International 4.0 License (CC BY 4.0). true eng https://creativecommons.org/licenses/by/4.0/ |
| title |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| spellingShingle |
Systematic Risk Characterisation of Hardware Threats to Automotive System Siraj Shaikh Hoang Nguyen |
| title_short |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| title_full |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| title_fullStr |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| title_full_unstemmed |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| title_sort |
Systematic Risk Characterisation of Hardware Threats to Automotive System |
| author_id_str_mv |
50117e8faac2d0937989e14847105704 cb24d5c5080534dc5b5e3390f24dd422 |
| author_id_fullname_str_mv |
50117e8faac2d0937989e14847105704_***_Siraj Shaikh cb24d5c5080534dc5b5e3390f24dd422_***_Hoang Nguyen |
| author |
Siraj Shaikh Hoang Nguyen |
| author2 |
James Pickford Rasadhi Attale Siraj Shaikh Hoang Nguyen Lee Harrison |
| format |
Journal article |
| container_title |
ACM Journal on Autonomous Transportation Systems |
| container_volume |
1 |
| container_issue |
4 |
| container_start_page |
1 |
| publishDate |
2024 |
| institution |
Swansea University |
| issn |
2833-0528 |
| doi_str_mv |
10.1145/3661315 |
| publisher |
Association for Computing Machinery (ACM) |
| college_str |
Faculty of Science and Engineering |
| hierarchytype |
|
| hierarchy_top_id |
facultyofscienceandengineering |
| hierarchy_top_title |
Faculty of Science and Engineering |
| hierarchy_parent_id |
facultyofscienceandengineering |
| hierarchy_parent_title |
Faculty of Science and Engineering |
| department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
| document_store_str |
0 |
| active_str |
0 |
| description |
The increasing dependence of modern automotive systems on electronics and software poses cybersecurity risks previously not factored into design and engineering of such systems. Attacks on hardware components, communication modules and embedded software – many of which are purposefully designed for automotive control and communications – are the key focus of this paper. We adopt a novel approach to characterise such attacks using Gajski-Kuhn Y-charts to represent attack manipulation across behavioural, structural and physical domains. Our selection of attacks is evidence-driven demonstrating threats that have been demonstrated to be feasible in the real-world. We then risk assess impact of such threats using the recently adopted ISO/SAE 21434 standard for automotive cybersecurity risk assessment, including mitigations for potential adoption. Our work serves to provide unique insights into the complex dynamic of hardware vulnerabilities and how the industry may address system-level security and protection of modern automotive platforms. |
| published_date |
2024-08-09T02:50:47Z |
| _version_ |
1822096933211078656 |
| score |
11.048302 |