Paper accepted @ ICISSP

Sotirios Katsikeas, Pontus Jonson, Simon Hacks and Robert Lagerström: Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language

This paper, written by Simon Hacks and his colleagues from KTH Royal Institute of Technology, got accepted at the  5th International Conference on Information Systems Security and Privacy (ICISSP), held in Prague, 2019.

Abstract

Attack simulations are a feasible means to assess the cyber security of systems. The simulations trace the steps taken by an attacker to compromise sensitive system assets. Moreover, they allow to estimate the time conducted by the intruder from the initial step to the compromise of assets of interest. One commonly accepted approach for such simulations are attack graphs, which model the attack steps and their dependencies in a formal way.

To reduce the effort of creating new attack graphs for each system of a given type, domain-specific attack languages may be employed. They codify common attack logics of the considered domain. Consequently, they ease the reuse of models and, thus, facilitate the modeling of a specific system in the domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop domain specific attack languages.

In this article, we present vehicleLang, which can be used to design vehicles with respect to their IT infrastructure and to analyze their weaknesses related to known attacks. To model domain specifics in our language, we rely on existing literature and verify the language using an interview with a domain expert from the automotive industry. To evaluate our results, we perform a Systematic Literature Review (SLR) to identify possible attacks against vehicles. Those attacks serve as a blueprint for test cases checked against the vehicleLang specification.