Constructing Tool-based Security Test Sequences for Vehicles as High-tech Data-rich Systems

Alexandr Vasenev; Stelios Karagiannis; Roland Mathijssen

doi:10.5220/0009575200530058

Constructing Tool-based Security Test Sequences for Vehicles as High-tech Data-rich Systems

Alexandr Vasenev, Stelios Karagiannis, Roland Mathijssen

2020

Abstract

Vehicles, as a prime example of high-tech systems, get increasingly connected and data-centric with the need to process personally identifiable information. Often, companies that develop such systems act as integrators and need to comply to adequate data protection requirements. For instance, GDPR requires securing personal data. Yet, testing security of data (including, but not limited to personal data) is challenging. Penetration testing often starts from the outside of the system and take place at the end of the development lifecycle. This may be insufficient to adequately test for potential errors hidden within system boundaries. Having methods to design, execute, and reuse (automated) security test cases on a ‘white-box’ system is desirable. This positioning paper proposes an approach to design tool-based security test sequences. We structurally approach high-level data storing, processing, and communicating functionality in connection to the system boundary. We suggest to use pen-testing tools and sequences for testing the functionality of the vehicle’s (sub)system, before test-enabling interfaces are removed. This paper intends to contribute to discussions how to test layered defense implementations. The proposed approach is undergoing extensions and validations.

Download

Paper Citation

in Harvard Style

Vasenev A., Karagiannis S. and Mathijssen R. (2020). Constructing Tool-based Security Test Sequences for Vehicles as High-tech Data-rich Systems.In Proceedings of the 6th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS, ISBN 978-989-758-419-0, pages 53-58. DOI: 10.5220/0009575200530058

in Bibtex Style

@conference{vehits20,
author={Alexandr Vasenev and Stelios Karagiannis and Roland Mathijssen},
title={Constructing Tool-based Security Test Sequences for Vehicles as High-tech Data-rich Systems},
booktitle={Proceedings of the 6th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS,},
year={2020},
pages={53-58},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009575200530058},
isbn={978-989-758-419-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Vehicle Technology and Intelligent Transport Systems - Volume 1: VEHITS,
TI - Constructing Tool-based Security Test Sequences for Vehicles as High-tech Data-rich Systems
SN - 978-989-758-419-0
AU - Vasenev A.
AU - Karagiannis S.
AU - Mathijssen R.
PY - 2020
SP - 53
EP - 58
DO - 10.5220/0009575200530058