Formally Verified Software Update Management System in Automotive

Jaewan Seo, Jiwon Kwak, Seungjoo Kim (Korea University)

Through wireless networks, the number of cyberattacks on automotive systems is increasing. To respond to cyberattacks on automotive systems, the United Nations Economic Commission for Europe (UNECE) has enacted the UN Regulation series. Among them, UN R156 specifies the requirements that are necessary for the design and implementation of a software update management system (SUMS). However, the requirements of UN R156 are too abstract to develop the overall systems of SUMS. Therefore, we conducted threat modeling to obtain more specific security requirements than those specified in the UN R156. Based on the threat modeling, we proposed a secure SUMS architecture that meets specific security requirements. Finally, we formally verified whether our SUMS architecture logically meets the security requirements by Event-B.

Paper

Slides

Video

View More Papers

Faster Secure Comparisons with Offline Phase for Efficient Private...

Florian Kerschbaum (University of Waterloo), Erik-Oliver Blass (Airbus), Rasoul Akhavan Mahdavi (University of Waterloo)

Towards More Effective Responsible Disclosure for Vulnerability Research

Weiheng Bai and Qiushi Wu (University of Minnesota)

Navigating Murky Waters: Automated Browser Feature Testing for Uncovering...

Mir Masood Ali (University of Illinois Chicago), Binoy Chitale (Stony Brook University), Mohammad Ghasemisharif (University of Illinois Chicago), Chris Kanich (University of Illinois Chicago), Nick Nikiforakis (Stony Brook University), Jason Polakis (University of Illinois Chicago)