Applied Vulnerability Detection System

Author

Smith, Jeffrey ; Krikeles, Basil ; Wittenberg, David K. ; Taveniku, Mikael

Author_Institution

BAE Syst., Burlington, MA, USA

fYear

2015

fDate

14-16 April 2015

Firstpage

1

Lastpage

6

Abstract

In [1], we presented a Vulnerability Detection System (VDS) that can detect emergent vulnerabilities in complex Cyber Physical Systems (CPS). It used the attacker´s point of view by collecting a target system´s vulnerability information from varied sources, and populating a Attack Point (AP) database. From these APs, a Hierarchical Task Network generated the set of composite device-level attack scenarios. The VDS used Alloy [2] to reduce the cardinality of the generated space by evaluating the feasibility of each attack. This paper specializes prior research by submitting the generated prioritized list to an automotive-specific Attack Evaluation Process (AAEP). With a combination of simulation and vehicle instrumented real-time execution, the AAEP confirms each candidate attack. The AAEPs output is used as feedback to refine the Alloy model. VDS is designed to support short product release cycles. The AAEP separates domain-specific from domain-independent aspects so the VDS can be rapidly retargeted.

Keywords

automobiles; control engineering computing; security of data; AAEP; AP; Alloy model; CPS; VDS; applied vulnerability detection system; attack point database; automotive-specific attack evaluation process; complex cyber physical systems; composite device-level attack scenarios; domain-independent aspects; domain-specific aspects; emergent vulnerabilities; hierarchical task network; short product release cycles; vulnerability information; Automotive engineering; Irrigation; Semantics;

fLanguage

English

Publisher

ieee

Conference_Titel

Technologies for Homeland Security (HST), 2015 IEEE International Symposium on

Conference_Location

Waltham, MA

Print_ISBN

978-1-4799-1736-5

Type

conf

DOI

10.1109/THS.2015.7225296

Filename

7225296