UnCle SAM : Modeling Cloud Attacks with the Automotive Security Abstraction Model


Driverless (autonomous) vehicles will have greater attack potential than any other individual mobility vehicles ever before. Most intelligent vehicles require communication interfaces to the environment, direct connections (e.g., Vehicle-to-X (V2X)) to an Original Equipment Manufacturer (OEM) backend service or a cloud. By connecting to the Internet, which is not only necessary for the infotainment systems, cars could increasingly turn into targets for malware or botnet attacks. Remote control via the Internet by a remote attacker is also conceivable, as has already been impressively demonstrated. This paper examines security modeling for cloud-based remote attacks on autonomous vehicles using a Security Abstraction Model (SAM) for automotive software systems). SAM adds to the early phases of (automotive) software architecture development by explicitly documenting attacks and handling them with security techniques. SAM also provides the basis for comprehensive security analysis techniques, such as the already available Common Vulnerability Scoring System (CVSS) or any other attack assessment system.

CLOUD COMPUTING 2019, The Tenth International Conference on Cloud Computing, GRIDs, and Virtualization