Abstract
To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, the traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced.
We present a realistic use case of connected car, applying several attack scenarios. By utilising STRIDE threat modelling and DREAD risk assessment model, adequate policies are derived to protect the car assets. This approach poses advantages over the standard approach, allowing a policy update to counter a new threat, which may have otherwise required a product redesign to alleviate the issue under the traditional approach.
| Language | English |
|---|---|
| Title of host publication | 2018 31st IEEE International System-on-Chip Conference (SOCC): Proceedings |
| Publisher | IEEE |
| Pages | 84-89 |
| Number of pages | 6 |
| ISBN (Electronic) | 978-1-5386-1491-4 |
| DOIs | |
| Publication status | Published - 21 Jan 2019 |
| Event | 31st International IEEE System-on-Chip Conference - Washington, United States Duration: 04 Sep 2018 → 07 Sep 2018 Conference number: 31 https://www.ieee-socc.org/ |
Publication series
| Name | IEEE International System-on-Chip Conference (SOCC): Proceedings |
|---|---|
| ISSN (Electronic) | 2164-1706 |
Conference
| Conference | 31st International IEEE System-on-Chip Conference |
|---|---|
| Abbreviated title | IEEE SoCC |
| Country | United States |
| City | Washington |
| Period | 04/09/2018 → 07/09/2018 |
| Internet address |
Fingerprint
Keywords
- Security Modelling
- Policy-based Security
- Embedded Security
- Threat Modelling
- Autonomous Car
- Cyberphysical systems
- System-on-chip
Cite this
}
Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures. / Hagan, Matthew; Siddiqui, Fahad ; Sezer, Sakir.
2018 31st IEEE International System-on-Chip Conference (SOCC): Proceedings. IEEE , 2019. p. 84-89 (IEEE International System-on-Chip Conference (SOCC): Proceedings).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
TY - GEN
T1 - Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures
AU - Hagan, Matthew
AU - Siddiqui, Fahad
AU - Sezer, Sakir
PY - 2019/1/21
Y1 - 2019/1/21
N2 - Complex embedded systems often contain hard to find vulnerabilities which, when exploited, have potential to cause severe damage to the operating environment and the user. Given that threats and vulnerabilities can exist within any layer of the complex eco-system, OEMs face a major challenge to ensure security throughout the device life-cycle To lower the potential risk and damage that vulnerabilities may cause, OEMs typically perform application threat analysis and security modelling. This process typically provides a high level guideline to solving security problems which can then be implemented during design and development. However, this concept presents issues where new threats or unknown vulnerability has been discovered.To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, the traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced.We present a realistic use case of connected car, applying several attack scenarios. By utilising STRIDE threat modelling and DREAD risk assessment model, adequate policies are derived to protect the car assets. This approach poses advantages over the standard approach, allowing a policy update to counter a new threat, which may have otherwise required a product redesign to alleviate the issue under the traditional approach.
AB - Complex embedded systems often contain hard to find vulnerabilities which, when exploited, have potential to cause severe damage to the operating environment and the user. Given that threats and vulnerabilities can exist within any layer of the complex eco-system, OEMs face a major challenge to ensure security throughout the device life-cycle To lower the potential risk and damage that vulnerabilities may cause, OEMs typically perform application threat analysis and security modelling. This process typically provides a high level guideline to solving security problems which can then be implemented during design and development. However, this concept presents issues where new threats or unknown vulnerability has been discovered.To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, the traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced.We present a realistic use case of connected car, applying several attack scenarios. By utilising STRIDE threat modelling and DREAD risk assessment model, adequate policies are derived to protect the car assets. This approach poses advantages over the standard approach, allowing a policy update to counter a new threat, which may have otherwise required a product redesign to alleviate the issue under the traditional approach.
KW - Security Modelling
KW - Policy-based Security
KW - Embedded Security
KW - Threat Modelling
KW - Autonomous Car
KW - Cyberphysical systems
KW - System-on-chip
U2 - 10.1109/SOCC.2018.8618544
DO - 10.1109/SOCC.2018.8618544
M3 - Conference contribution
T3 - IEEE International System-on-Chip Conference (SOCC): Proceedings
SP - 84
EP - 89
BT - 2018 31st IEEE International System-on-Chip Conference (SOCC): Proceedings
PB - IEEE
ER -