TY - GEN
T1 - An Open Software-Based Framework for Automotive Cybersecurity Testing
AU - Faschang, Thomas
AU - Macher, Georg
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - With the rise of cyberattacks in the last years, cybersecurity is of high importance in the context of the automotive domain [10, 22]. As current cars are more connected and reliant on embedded system technologies, the need for security engineering has tremendously accelerated. While ISO/SAE 21434 is available as a security engineering standard for the domain, frameworks and tools for cybersecurity training and testing of concepts are scarce. Automotive cybersecurity testbeds provide a specified and controlled environment for testing, evaluating, and learning cybersecurity solutions for vehicles, allowing researchers and engineers to be trained and upskill faster. Therefore, this work focuses on an embedded automotive systems framework for cybersecurity testing. The presented framework simulates a CAN controller network and allows researchers and engineers to test attack vectors and mitigation methods in a simulated environment, providing also basic implementations for the most common attack types. The presented framework is extendable for training and testing purposes with series controllers and real-world demonstrators.
AB - With the rise of cyberattacks in the last years, cybersecurity is of high importance in the context of the automotive domain [10, 22]. As current cars are more connected and reliant on embedded system technologies, the need for security engineering has tremendously accelerated. While ISO/SAE 21434 is available as a security engineering standard for the domain, frameworks and tools for cybersecurity training and testing of concepts are scarce. Automotive cybersecurity testbeds provide a specified and controlled environment for testing, evaluating, and learning cybersecurity solutions for vehicles, allowing researchers and engineers to be trained and upskill faster. Therefore, this work focuses on an embedded automotive systems framework for cybersecurity testing. The presented framework simulates a CAN controller network and allows researchers and engineers to test attack vectors and mitigation methods in a simulated environment, providing also basic implementations for the most common attack types. The presented framework is extendable for training and testing purposes with series controllers and real-world demonstrators.
KW - Automotive Cybersecurity
KW - Controller Area Network
KW - Software Security Testbed
UR - http://www.scopus.com/inward/record.url?scp=85172080234&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-42307-9_22
DO - 10.1007/978-3-031-42307-9_22
M3 - Conference paper
AN - SCOPUS:85172080234
SN - 9783031423062
T3 - Communications in Computer and Information Science
SP - 316
EP - 328
BT - Systems, Software and Services Process Improvement - 30th European Conference, EuroSPI 2023, Proceedings
A2 - Yilmaz, Murat
A2 - Clarke, Paul
A2 - Riel, Andreas
A2 - Messnarz, Richard
PB - Springer Science and Business Media Deutschland GmbH
CY - Cham
T2 - 30th European Conference on Systems, Software and Services Process Improvement
Y2 - 30 August 2023 through 1 September 2023
ER -