4,496 research outputs found

    Combined automotive safety and security pattern engineering approach

    Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From a safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as an additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in the context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in the context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.
    Funding: EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASS; EC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTT; EC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEIS; BMBF, 01IS16043, Collaborative Embedded Systems (CrESt)

    ThreMA: Ontology-based Automated Threat Modelling for ICT Infrastructures

    Threat Modelling allows defenders to identify threats to which the target system is exposed. Such a process requires a detailed infrastructure analysis to map threats to assets and to identify possible flaws. Unfortunately, the process is still mostly done manually and without the support of formally sound approaches. Moreover, Threat Modelling often involves teams with different levels of security knowledge, leading to different possible interpretations of the representation of the system under analysis. Threat modelling automation comes with two main challenges: (i) the need for a standard representation of models and data used in various stages of the process, establishing a formal vocabulary for all involved parties, and (ii) the requirement for a well-defined inference rule set enabling reasoning process automation for threat identification. The paper presents the ThreMA approach to automating threat modelling for ICT infrastructures, aiming at addressing the key automation issues through the use of ontologies. Specifically, a formal vocabulary for modelling an ICT infrastructure, a threat catalog and a set of inference rules needed to support the reasoning process for threat identification are provided. The proposed approach has been validated against actual significant case studies provided by different stakeholders of the Italian Public Sector.

    Apprenticeship standard: Digital & Technology Solutions Specialist Integrated Degree


    D1.1 DEMAND ASSESSMENT FRAMEWORK

    This report proposes the initial draft of the LeADS ADS Framework, composed of three major elements: identification and definition of technologies in scope; skills included under those technologies; and definition of job roles, where other skills frameworks are considered for comparison and alignment. The report summarises the first workshop held by the project with external constituencies, even though the feedback will be incorporated in the final version of the framework, where the layer of job roles will be completed and the others revised according to additional input. This framework serves as reference for the next step in LeADS: the assessment of the demand and the supply.

    Adoption of emerging technologies established on Comprehensive capability maturity model framework: A new practical model

    Copyright © 2016 International Business Information Management Association. Organizations have adopted information communications technologies (ICT) at various timelines, driven by business needs or due to technology evolution. This has given rise to disparate systems based on various technologies and spaghetti architecture. This paper discusses why it is critical for organizations to adopt the emerging technologies and the reasons behind the current state of the architecture. It suggests how organizations can make use of The Open Group Architecture Framework (TOGAF) to develop enterprise architecture. The paper then emphasizes the importance of Capability Maturity Assessment, and discusses the current practice of Capability Maturity Assessment by TOGAF and its drawbacks. Then, based on practical experience, it proposes the Comprehensive Capability Maturity Model Assessment (CCMM), which covers the phases of the Architecture Development Method and makes the assessment of maturity more realistic.

    Threat Modeling of Cyber-Physical Systems in Practice

    Traditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in security consultation companies, software engineering companies, an Original Equipment Manufacturer (OEM), and ground and aerial vehicle integrators. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they perform threat modeling of given CPSs. Key challenges practitioners face are: they cannot transfer the threat modeling knowledge that they acquire in a cyber-physical domain to other domains, threat models of modified systems are often not updated, and the reliance on mostly peer-evaluation and quality checklists to ensure the quality of threat models. The study warns about the difficulty of developing secure CPSs and calls for research on developing practical threat modeling methods for CPSs, techniques for continuous threat modeling, and techniques to ensure the quality of threat models.

    Self-organising smart grid architectures for cyber-security

    PhD Thesis. Current conventional power systems consist of large-scale centralised generation and unidirectional power flow from generation to demand. This vision for power system design is being challenged by the need to satisfy the energy trilemma, as the system is required to be sustainable, available and secure. Emerging technologies are restructuring the power system; the addition of distributed generation, energy storage and active participation of customers are changing the roles and requirements of the distribution network. Increased controllability and monitoring requirements combined with an increase in controllable technologies have played a pivotal role in the transition towards smart grids. The smart grid concept features a large amount of sensing and monitoring equipment sharing large volumes of information. This increased reliance on the ICT infrastructure raises the importance of cyber-security due to the number of vulnerabilities which can be exploited by an adversary. The aim of this research was to address the issue of cyber-security within a smart grid context through the application of self-organising communication architectures. The work examined the relevance and potential for self-organisation when performing voltage control in the presence of a denial of service attack event. The devised self-organising architecture used techniques adapted from a range of research domains including underwater sensor networks, wireless communications and smart-vehicle tracking applications. These components were redesigned for a smart grid application and supported by the development of a fuzzy based decision making engine. A multi-agent system was selected as the source platform for delivering the self-organising architecture. The application of self-organisation for cyber-security within a smart grid context is a novel research area and one which presents a wide range of potential benefits for a future power system. The results indicated that the developed self-organising architecture was able to avoid control deterioration during an attack event involving up to 24% of the customer population. Furthermore, the system also reduces the communication load on the agents involved in the architecture and demonstrated wider reaching benefits beyond performing voltage control.

    Cybersecurity Architectural Analysis for Complex Cyber-Physical Systems

    In the modern military’s highly interconnected and technology-reliant operational environment, cybersecurity is rapidly growing in importance. Moreover, as a number of highly publicized attacks have occurred against complex cyber-physical systems such as automobiles and airplanes, cybersecurity is no longer limited to traditional computer systems and IT networks. While architectural analysis approaches are critical to improving cybersecurity, these approaches are often poorly understood and applied in ad hoc fashion. This work addresses these gaps by answering the questions: 1. “What is cybersecurity architectural analysis?” and 2. “How can architectural analysis be used to more effectively support cybersecurity decision making for complex cyber-physical systems?” First, a readily understandable description of key architectural concepts and definitions is provided which culminates in a working definition of “cybersecurity architectural analysis,” since none is available in the literature. Next, we survey several architectural analysis approaches to provide the reader with an understanding of the various approaches being used across government and industry. Based on our proposed definition, the previously introduced key concepts, and our survey results, we establish desirable characteristics for evaluating cybersecurity architectural analysis approaches. Lastly, each of the surveyed approaches is assessed against the characteristics and areas of future work are identified

    IoT Security Adoption into Business Processes: A Socio-Technical View

    Recently, the Internet of Things (IoT) has gained huge focus and has led to the generation of valuable data to create new value propositions for organisations. It is important to explore the impact these developments have on our society. IoT security is identified as the key issue amongst all the IoT applications and presents numerous social and technical challenges. We conducted interviews with IoT experts, and the results illustrated how holistic security issues in IoT are undermined and further emphasized the importance of addressing these issues by accommodating security into IoT business processes. This approach facilitated the assessment and identification of security threats from both social and technical perspectives. Our outcome highlights that IoT security must be implemented into IoT-aware business processes to make the technology human centered, despite the challenges involved.

    Toward a conceptual framework for designing sustainable cyber-physical system architectures: A systematic mapping study

    Cyber-physical systems (CPS) represent devices whose components enable interaction between machines and processes. One of the biggest challenges of these systems today is the ability to adjust to changes at the time of execution, as they are implemented in environments with a multidimensional complexity; this challenge is currently addressed from the design of the systems themselves by integrating sustainability. With this problem in mind, the present document describes a systematic mapping study of the literature with the goal of demonstrating the current panorama of the frameworks, designs, and/or models used at the time of initiating the development of a cyber-physical system. As a result, it has been concluded that there is a lack of guidelines to construct sustainable and evolvable cyber-physical systems. To address these issues, a framework for designing sustainable CPS architectures is outlined.