Hochschule Karlsruhe - University of Applied Sciences

Security for Cyber-Physical and Automotive Systems

Hacked or still quite tight?

Cyber attacks are omnipresent in today's world and represent one of the biggest problems for the secure operation of systems. The rapidly increasing networking of such systems keeps opening new points of entry and often outpaces the necessary security safeguards. This affects all areas, including mobility, Industry 4.0 and other critical infrastructures. According to a 2019 report by the German Institute for International and Security Affairs (Stiftung Wissenschaft und Politik) on 0-day vulnerabilities, it is assumed that in industry the detection of serious cyber attacks alone takes an average of 200 days. In our research focus Security for Cyber-Physical and Automotive Systems, we want to contribute to increasing the security of cyber-physical systems (CPS), and especially vehicles, through a variety of activities. In doing so, it is essential for us to combine security expertise with domain and expert knowledge of (embedded) CPS in order to sharpen security close to the actual product.

Security close to the product through combination of domain and security knowledge

Hacking attacks on critical infrastructures, and on cyber-physical systems in particular, vary widely in attacker motivation and targeted assets. In addition to possible interests in intellectual property (IP) or privacy aspects, the manipulation and destruction of these systems plays a central role. In the worst case, attacks are pursued with the aim of endangering life and limb, so that security must be regarded as indispensable for the safety of the systems. The attack vectors differ as well: taking the vehicle industry as an example, various studies show that attackers act both externally (offboard) and, to a large extent, internally (onboard).

The protection mechanisms for existing systems must be aligned and coordinated holistically, and a sufficiently high degree of domain knowledge is often needed to assess the usefulness of individual measures or their combination. Security activities in this context span the entire product life cycle. Within development, they include the hazard and risk analysis (ideally at the beginning of development), the definition and evaluation of coordinated protection concepts from a system perspective, the implementation of the measures in software, hardware and at the networking level, and verification and validation at all of these levels. Likewise, security activities such as active incident management or the continuous updating of security measures during system updates must be carried out "in the field" or during operation.

Main focus

Automotive and Industrial Security
Security in Cyber-Physical Systems

IEEM has been working on CPS security since its foundation in 2012. The many years of industrial background of all project leaders in various domains ensure a high level of both system and security expertise. A common approach is the modelling of CPS and security artefacts via domain-specific simulation tools. For example, IEEM has an "automotive victim network" as well as virtual images of industrial plants in the respective common domain languages, in which various security investigations can be embedded.

Some example projects of IEEM in different product life phases are:

  • The definition and semi-automation for the combined development of a Security Threat and Risk Analysis (TARA) with a Safety Hazard and Risk Analysis (HARA). 
  • The development of distributed firewall approaches and their deployment in emerging I/O architectures and onboard/offboard protocols. 
  • The design and prototyping of a system to assess the cyber security of vehicles in the field through a main inspection (HU).
  • The development of automotive and industrial forensics concepts and secure "authority event adapters".
  • The design and semi-automation of penetration testing and further model-based testing for functional verification of system-level security concepts.
  • The creation of a taxonomy for the evaluation of automotive security attacks as well as the creation of an automotive security vulnerability database.
  • The design of a balanced automotive responsible disclosure strategy and its sample implementation.

Contact

Head of Automotive Security
Prof. Dr.-Ing. Reiner Kriesten
Tel.: +49 (0)721 925-1423 
reiner.kriesten@h-ka.de


Contact

Head of Industrial Security
Prof. Dr.-Ing. Philipp Nenninger
Tel.: +49 (0)721 925-1469 
philipp.nenninger@h-ka.de


Key data

Research focus
Duration: Since 2012
Leadership: Prof. Dr.-Ing. Reiner Kriesten
Prof. Dr.-Ing. Philipp Nenninger

Karlsruhe
Institute of Energy Efficient Mobility (IEEM)
Moltkestr. 30
76133 Karlsruhe

Post
Institute of Energy Efficient Mobility (IEEM)
PO Box 2440
76012 Karlsruhe