Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top

2024 | Book

Introduction Read chapter Read first chapter

Automotive Security Analyzer for Exploitability Risks

An Automated and Attack Graph-Based Evaluation of On-Board Networks

Author: Martin Salfer

Publisher: Springer Fachmedien Wiesbaden

Part of: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik"

Login to get access
insite
SEARCH

About this book

Our lives depend on automotive cybersecurity, protecting us inside and near vehicles. If vehicles go rogue, they can operate against the driver’s will and potentially drive off a cliff or into a crowd. The “Automotive Security Analyzer for Exploitability Risks” (AutoSAlfER) evaluates the exploitability risks of automotive on-board networks by attack graphs. AutoSAlfER’s Multi-Path Attack Graph algorithm is 40 to 200 times smaller in RAM and 200 to 5 000 times faster than a comparable implementation using Bayesian networks, and the Single-Path Attack Graph algorithm constructs the most reasonable attack path per asset with a computational, asymptotic complexity of only O(n * log(n)), instead of O(n²). AutoSAlfER runs on a self-written graph database, heuristics, pruning, and homogenized Gaussian distributions and boosts people’s productivity for a more sustainable and secure automotive on-board network. Ultimately, we enjoy more safety and security in and around autonomous, connected, electrified, and shared vehicles.


Table of Contents

Frontmatter
Chapter 1. Introduction
Abstract
Our lives depend on automotive cybersecurity, protecting us inside and near vehicles. Steering and brakes are nowadays usually controlled by computers. If they go rogue, they can operate the vehicle against the driver’s will and potentially drive off a cliff or into a crowd.
Martin Salfer
Chapter 2. Basics and Related Work
Abstract
The Basics and Related Work chapter provides background information on this dissertation’s basis. The parts of this chapter follow a funnel shape: from the initial motivator, hacker attacks on vehicles and their data, over state-of-the-art IT security countermeasures and assessments, e.g., attack graphs, till its foundations, e.g., stochastics.
Martin Salfer
Chapter 3. System Model, Attacker Profile, Exploit Model, Attack Graphs and Exploitability Quantification
Abstract
The Models chapter introduces the representations of automotive on-board networks, anticipated attackers, anticipated exploits, and attack graphs, as well as a quantification of the attack surface exploitability.
Martin Salfer
Chapter 4. Single-Path Attack Graph Algorithm
Abstract
The (Single-Path Attack Graph Algorithm) chapter contributes an algorithm and a PoC implementation for generating single-path attack graphs for an entire system.
Martin Salfer
Chapter 5. Multi-Path Attack Graph Algorithm
Abstract
The (Multi-Path Attack Graph Algorithm) chapter contributes an algorithm (P3Salfer) and an implementation for generating multi-path attack graphs, which are a superset of single-path attack graphs by allowing several paths toward a goal node for a more realistic risk result. Bayesian networks are also generated and inferred with an algorithm (P3Bayes) for comparison.
Martin Salfer
Chapter 6. Conclusion
Abstract
In this dissertation, I initiated, designed, implemented, and evaluated an automated, attack graph-based evaluation of exploitability risks of on-board networks for automotive cybersecurity.
Martin Salfer
Backmatter
Metadata
Title
Automotive Security Analyzer for Exploitability Risks
Author
Martin Salfer
Copyright Year
2024
Electronic ISBN
978-3-658-43506-6
Print ISBN
978-3-658-43505-9
DOI
https://doi.org/10.1007/978-3-658-43506-6