Formally Verified Software Update Management System in Automotive

Jaewan Seo, Jiwon Kwak, Seungjoo Kim (Korea University)

Through wireless networks, the number of cyberattacks on automotive systems is increasing. To respond to cyberattacks on automotive systems, the United Nations Economic Commission for Europe (UNECE) has enacted the UN Regulation series. Among them, UN R156 specifies the requirements that are necessary for the design and implementation of a software update management system (SUMS). However, the requirements of UN R156 are too abstract to develop the overall systems of SUMS. Therefore, we conducted threat modeling to obtain more specific security requirements than those specified in the UN R156. Based on the threat modeling, we proposed a secure SUMS architecture that meets specific security requirements. Finally, we formally verified whether our SUMS architecture logically meets the security requirements by Event-B.

Paper

Slides

Video

View More Papers

FCGAT: Interpretable Malware Classification Method using Function Call Graph...

Minami Someya (Institute of Information Security), Yuhei Otsubo (National Police Academy), Akira Otsuka (Institute of Information Security)

Investigating the Impact of Evasion Attacks Against Automotive Intrusion...

Paolo Cerracchio, Stefano Longari, Michele Carminati, Stefano Zanero (Politecnico di Milano)

On the Vulnerability of Traffic Light Recognition Systems to...

Sri Hrushikesh Varma Bhupathiraju (University of Florida), Takami Sato (University of California, Irvine), Michael Clifford (Toyota Info Labs), Takeshi Sugawara (The University of Electro-Communications), Qi Alfred Chen (University of California, Irvine), Sara Rampazzi (University of Florida)