Title :
Applied Vulnerability Detection System
Author :
Smith, Jeffrey ; Krikeles, Basil ; Wittenberg, David K. ; Taveniku, Mikael
Author_Institution :
BAE Syst., Burlington, MA, USA
Abstract :
In [1], we presented a Vulnerability Detection System (VDS) that can detect emergent vulnerabilities in complex Cyber Physical Systems (CPS). It used the attacker´s point of view by collecting a target system´s vulnerability information from varied sources, and populating a Attack Point (AP) database. From these APs, a Hierarchical Task Network generated the set of composite device-level attack scenarios. The VDS used Alloy [2] to reduce the cardinality of the generated space by evaluating the feasibility of each attack. This paper specializes prior research by submitting the generated prioritized list to an automotive-specific Attack Evaluation Process (AAEP). With a combination of simulation and vehicle instrumented real-time execution, the AAEP confirms each candidate attack. The AAEPs output is used as feedback to refine the Alloy model. VDS is designed to support short product release cycles. The AAEP separates domain-specific from domain-independent aspects so the VDS can be rapidly retargeted.
Keywords :
automobiles; control engineering computing; security of data; AAEP; AP; Alloy model; CPS; VDS; applied vulnerability detection system; attack point database; automotive-specific attack evaluation process; complex cyber physical systems; composite device-level attack scenarios; domain-independent aspects; domain-specific aspects; emergent vulnerabilities; hierarchical task network; short product release cycles; vulnerability information; Automotive engineering; Irrigation; Semantics;
Conference_Titel :
Technologies for Homeland Security (HST), 2015 IEEE International Symposium on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4799-1736-5
DOI :
10.1109/THS.2015.7225296
