Abstract
The increasing complexity and autonomy of modern automotive systems, together with the safety-sensitive nature of many vehicle information flows, require a careful analysis of the security requirements and adequate mechanisms for ensuring the integrity and confidentiality of data. This is especially true for (semi-)autonomous vehicle systems, in which user intervention is limited or absent and information must therefore be trusted. This paper proposes a representation of high-level security properties in the specification of application components according to the AUTOSAR standard (AUTomotive Open System ARchitecture). It also proposes the automatic generation of security components from security-annotated AUTOSAR specifications: the adequate security mechanisms are selected automatically from the high-level specification, avoiding complex and error-prone manual encodings by the designer. These concepts and tools are applied to a paradigmatic example in order to show their simplicity and efficacy.
Acknowledgement
This work has been developed under the framework of the European project SAFURE (Safety And Security By Design For Interconnected Mixed-Critical Cyber-Physical Systems) under grant agreement No. 644080.
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Bernardeschi, C., Del Vigna, G., Di Natale, M., Dini, G., Varano, D. (2016). Using AUTOSAR High-Level Specifications for the Synthesis of Security Components in Automotive Systems. In: Hodicky, J. (eds) Modelling and Simulation for Autonomous Systems. MESAS 2016. Lecture Notes in Computer Science(), vol 9991. Springer, Cham. https://doi.org/10.1007/978-3-319-47605-6_8
DOI: https://doi.org/10.1007/978-3-319-47605-6_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47604-9
Online ISBN: 978-3-319-47605-6