47,525 research outputs found
Identifying attack surfaces in the evolving space industry using reference architectures
The space environment is currently undergoing a substantial change and many new entrants to the market are deploying devices, satellites and systems in space; this evolution has been termed as NewSpace. The change is complicated by technological developments such as deploying machine learning based autonomous space systems and the Internet of Space Things (IoST). In the IoST, space systems will rely on satellite-to-x communication and interactions with wider aspects of the ground segment to a greater degree than existing systems. Such developments will inevitably lead to a change in the cyber security threat landscape of space systems. Inevitably, there will be a greater number of attack vectors for adversaries to exploit, and previously infeasible threats can be realised, and thus require mitigation. In this paper, we present a reference architecture (RA) that can be used to abstractly model in situ applications of this new space landscape. The RA specifies high-level system components and their interactions. By instantiating the RA for two scenarios we demonstrate how to analyse the attack surface using attack trees
A Real-Time Remote IDS Testbed for Connected Vehicles
Connected vehicles are becoming commonplace. A constant connection between
vehicles and a central server enables new features and services. This added
connectivity raises the likelihood of exposure to attackers and risks
unauthorized access. A possible countermeasure to this issue are intrusion
detection systems (IDS), which aim at detecting these intrusions during or
after their occurrence. The problem with IDS is the large variety of possible
approaches with no sensible option for comparing them. Our contribution to this
problem comprises the conceptualization and implementation of a testbed for an
automotive real-world scenario. That amounts to a server-side IDS detecting
intrusions into vehicles remotely. To verify the validity of our approach, we
evaluate the testbed from multiple perspectives, including its fitness for
purpose and the quality of the data it generates. Our evaluation shows that the
testbed makes the effective assessment of various IDS possible. It solves
multiple problems of existing approaches, including class imbalance.
Additionally, it enables reproducibility and generating data of varying
detection difficulties. This allows for comprehensive evaluation of real-time,
remote IDS.Comment: Peer-reviewed version accepted for publication in the proceedings of
the 34th ACM/SIGAPP Symposium On Applied Computing (SAC'19
Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks
The benefits of autonomous vehicles (AVs) are widely acknowledged, but there
are concerns about the extent of these benefits and AV risks and unintended
consequences. In this article, we first examine AVs and different categories of
the technological risks associated with them. We then explore strategies that
can be adopted to address these risks, and explore emerging responses by
governments for addressing AV risks. Our analyses reveal that, thus far,
governments have in most instances avoided stringent measures in order to
promote AV developments and the majority of responses are non-binding and focus
on creating councils or working groups to better explore AV implications. The
US has been active in introducing legislations to address issues related to
privacy and cybersecurity. The UK and Germany, in particular, have enacted laws
to address liability issues, other countries mostly acknowledge these issues,
but have yet to implement specific strategies. To address privacy and
cybersecurity risks strategies ranging from introduction or amendment of non-AV
specific legislation to creating working groups have been adopted. Much less
attention has been paid to issues such as environmental and employment risks,
although a few governments have begun programmes to retrain workers who might
be negatively affected.Comment: Transport Reviews, 201
- …