Papers
Topics
Authors
Recent
Search
2000 character limit reached

ACTISM: Threat-informed Dynamic Security Modelling for Automotive Systems

Published 30 Nov 2024 in cs.CR | (2412.00416v3)

Abstract: Evolving cybersecurity threats in complex cyber-physical systems pose significant risks to system functionality and safety. This experience report introduces ACTISM (Automotive Consequence-Driven and Threat-Informed Security Modelling), an integrated security modelling framework that enhances the resilience of automotive systems by dynamically updating their cybersecurity posture in response to prevailing and evolving threats, attacker tactics, and their impact on system functionality and safety. ACTISM addresses the existing knowledge gap in static security assessment methodologies by providing a dynamic and iterative framework. We demonstrate the effectiveness of ACTISM by applying it to a real-world example of the Tesla Electric Vehicle's In-Vehicle Infotainment system, illustrating how the security model can be adapted as new threats emerge. We also report the results of a practitioners' survey on the usefulness of ACTISM and its future directions. The survey highlights avenues for future research and development in this area, including automated vulnerability management workflows for automotive systems.

Summary

No one has generated a summary of this paper yet.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.