Skip to main content
SpringerLink
Log in

Attack Tree Construction and Its Application to the Connected Vehicle

  • Chapter
Cyber-Physical Systems Security

Abstract

Remote connectivity of today’s and future cars increases their capabilities of autonomy and safety, but also their attack surface, as reported by several research papers. In the automotive domain, the security has a direct impact on the user’s safety. Thus, the management of risk is becoming the main concern of automotive manufacturers, especially for the future fully connected and autonomous cars. A possible way to quantify the overall risk of a system is the systematic construction of attack graphs and attack trees. These formalisms are presented as one of the possible solutions in the new Cybersecurity Guidebook for Cyber-Physical Vehicle Systems (SAE-J3061). In this chapter we propose to use graph transformation to formally model the car architecture and its state evolution in order to study cyber-physical attacks against it. The resulting attacks are converted into attack trees which are used to estimate the overall risk of the system. Consequently, it becomes possible to study improvements while building a more secure architecture. The proposed method is designed to support the conceptual phase of the vehicle’s cyber-physical system. We illustrate the method on a small pedagogical example to show how it is possible to prove its efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. P. Ammann, D. Wijesekera, S. Kaushik, Scalable, graph-based network vulnerability analysis, in Proceedings of the 9th ACM Conference on Computer and Communications Security (ACM, New York, 2002), pp. 217–224

    Google Scholar 

  2. L. Apvrille, Y. Roudier, Sysml-sec attack graphs: compact representations for complex attacks, in International Workshop on Graphical Models for Security (Springer, Berlin, 2015), pp. 35–49

    Google Scholar 

  3. L. Apvrille, L. Li, Y. Roudier, Model-driven engineering for designing safe and secure embedded systems, in Architecture-Centric Virtual Integration (ACVI), 2016 (IEEE, Piscataway, 2016), pp. 4–7

    Google Scholar 

  4. S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno, et al., Comprehensive experimental analyses of automotive attack surfaces, in USENIX Security Symposium, San Francisco (2011)

    Google Scholar 

  5. T. Dimkov, W. Pieters, P. Hartel, Portunes: representing attack scenarios spanning through the physical, digital and social domain, in Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (Springer, Berlin, 2010), pp. 112–129

    Google Scholar 

  6. I.D. Foster, A. Prudhomme, K. Koscher, S. Savage, Fast and vulnerable: a story of telematic failures, in WOOT’15 Proceedings of the 9th USENIX Conference on Offensive Technologies (2015)

    Google Scholar 

  7. Groove: graphs for object-oriented verification. http://groove.cs.utwente.nl/

  8. T. Hoppe, S. Kiltz, J. Dittmann, Security threats to automotive can networks–practical examples and selected short-term countermeasures, in International Conference on Computer Safety, Reliability, and Security (Springer, Berlin, 2008), pp. 235–248

    Google Scholar 

  9. K. Ingols, R. Lippmann, K. Piwowarski, Practical attack graph generation for network defense, in 22nd Annual Computer Security Applications Conference, 2006. ACSAC’06 (IEEE, Piscataway, 2006), pp. 121–130

    Google Scholar 

  10. M.G. Ivanova, C.W. Probst, R.R. Hansen, F. Kammüller, Transforming graphical system models to graphical attack models, in International Workshop on Graphical Models for Security (Springer, Berlin, 2015), pp. 82–96

    Google Scholar 

  11. S. Jajodia, S. Noel, Topological vulnerability analysis, in Cyber Situational Awareness (Springer, Berlin, 2010), pp. 139–154

    Google Scholar 

  12. K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, et al., Experimental security analysis of a modern automobile, in 2010 IEEE Symposium on Security and Privacy (SP) (IEEE, Piscataway, 2010), pp. 447–462

    Book  Google Scholar 

  13. R. Kumar, E. Ruijters, M. Stoelinga, Quantitative attack tree analysis via priced timed automata, in International Conference on Formal Modeling and Analysis of Timed Systems (Springer, Berlin, 2015), pp. 156–171

    MATH  Google Scholar 

  14. F. Lugou, L.W. Li, L. Apvrille, R. Ameur-Boulifa, Sysml models and model transformation for security, in Conferénce on Model-Driven Engineering and Software Development (Modelsward’2016) (2016)

    Google Scholar 

  15. C. Miller, C. Valasek, Remote exploitation of an unaltered passenger vehicle. Black Hat USA (2015)

    Google Scholar 

  16. X. Ou, S. Govindavajhala, A.W. Appel, Mulval: a logic-based network security analyzer, in USENIX Security (2005)

    Google Scholar 

  17. C. Phillips, L.P. Swiler, A graph-based system for network-vulnerability analysis, in Proceedings of the 1998 Workshop on New Security Paradigms (ACM, New York, 1998), pp. 71–79

    Google Scholar 

  18. R.W. Ritchey, P. Ammann, Using model checking to analyze network vulnerabilities, in SP’00 Proceedings of the 2000 IEEE Symposium on Security and Privacy (IEEE, Piscataway, 2000), pp. 156–165

    Google Scholar 

  19. M. Salfer, C. Eckert, Attack surface and vulnerability assessment of automotive electronic control units, in 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE), vol. 4 (IEEE, Piscataway, 2015), pp. 317–326

    Google Scholar 

  20. M. Salfer, H. Schweppe, C. Eckert, Efficient attack forest construction for automotive on-board networks, in International Conference on Information Security (Springer, Berlin, 2014), pp. 442–453

    Google Scholar 

  21. B. Schneier, Attack trees. Dr. Dobbâs J. 24(12), 21–29 (1999)

    Google Scholar 

  22. O. Sheyner, J. Haines, S. Jha, R. Lippmann, J.M. Wing, Automated generation and analysis of attack graphs, in 2002 Proceedings IEEE Symposium on Security and Privacy (IEEE, Piscataway, 2002), pp. 273–284

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Télécom ParisTech, Paris, France

    Khaled Karray, Jean-Luc Danger & Sylvain Guilley

  2. Secure-IC S.A.S., Cesson-Sévigné, France

    Jean-Luc Danger

  3. Secure-IC, Paris, France

    Sylvain Guilley

  4. École normale supérieure, Paris, France

    Sylvain Guilley

  5. PSA-GROUPE, Paris, France

    M. Abdelaziz Elaabid

Authors
  1. Khaled Karray
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jean-Luc Danger
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sylvain Guilley
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. M. Abdelaziz Elaabid
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Khaled Karray .

Editor information

Editors and Affiliations

  1. İstinye University, İstanbul, Turkey

    Çetin Kaya Koç

  2. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Çetin Kaya Koç

  3. University of California Santa Barbara, Santa Barbara, CA, USA

    Çetin Kaya Koç

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Karray, K., Danger, JL., Guilley, S., Abdelaziz Elaabid, M. (2018). Attack Tree Construction and Its Application to the Connected Vehicle. In: Koç, Ç.K. (eds) Cyber-Physical Systems Security. Springer, Cham. https://doi.org/10.1007/978-3-319-98935-8_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-98935-8_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-98934-1

  • Online ISBN: 978-3-319-98935-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation