Computer security and communication issues in automobiles: Identification and analysis of security issues using a threat-modelling approach

Car manufacturers are building vehicles with a greater emphasis on connectivity, thus making them more convenient – but also more susceptible to attacks from malicious parties. Manufacturers use many methodologies to combat these threats, but there is no consensus on which is the most effective. The aim of this project is to determine whether threat modelling (TM) could be used in the life cycle of a product to make it more secure. In the area of security, TM is a methodology that is used to identify risks by modelling the structure of a system.

To test the claim that TM is efficient and useful to the security of vehicles, a specific TM software tool was used on a simulated vehicle. By modelling the vehicle and its components, a list of threats was generated and sorted according to risk factor. The most problematic threats were then tested against the system. The results of the TM exercise were compared to the results generated by a fuzzing test, which sends randomly generated data to the system to detect any errors.

The results point towards higher efficiency for TM, both in time and in threat identification. However, not all the generated threats were accurate, so further testing would be required to improve the model itself.

The results show that TM could improve security testing in the car industry. It allows developers to obtain a list of the significant potential threats. Therefore, if adequate TM software were applied early in the life cycle of the system’s development, it would allow the developers to work on the most significant problems as efficiently as possible, and with no impact on the consumer.

Figure 1: Threat model of car lock
Figure 2: Attacking device linked to the controller area network (CAN) of the vehicle
Student: Gianluca Conti
Course: B.Sc. IT (Hons.) Software Development
Supervisor: Dr Clyde Meli