an intruder model for vehicle SOA based on a
literature review, and (c) developed LAUFEN, an
SOA machinery for computing several activities of
a threat analysis, including attack paths.
ACKNOWLEDGMENTS
We thank the anonymous reviewers for valuable
comments. We thank Anait Boyajyan for the
assistance provided with the figures used in this article.
Automating Vehicle SOA Threat Analysis Using a Model-Based Methodology