THREAT MOVE (THREAT MOdeling and simulation of VEhicle IT)

Reference number
Coordinator KUNGLIGA TEKNISKA HÖGSKOLAN - KTH EES
Funding from Vinnova SEK 7 079 900
Project duration October 2017 - September 2021
Status Ongoing
Venture 2015-06058-en

Purpose and goal

The increasing level of computerization makes modern vehicles vulnerable to cyber attacks. Software-based tools for threat modeling and simulation can be used to assess the probability that an attacker manages to reach different parts of the vehicle system. However, today there are no such tools for the transport domain. The goal is to develop a threat modeling and simulation language that allows for real-world modeling and simulation of vehicle information system attacks, as well as implementing and testing the language with real-world systems.

Expected results and effects

The threat modeling and attack simulation language for vehicle IT will be useful in both design and operational phases, thus contributing to increased understanding of security challenges and risks. The language will be freely available to the automotive industry, academia and other interested parties. Furthermore, the language will be concretized as a module in securiCAD from Foreseeti. The work will build up security skills in general and for vehicle IT specifically. Several research articles will be published where methods and models are presented and validated with use cases.

Planned approach and implementation

The project is expected to last from October 2017 to September 2021 and is divided into eight work packages: (i) project management, (ii) development of a framework for the domain-specific language, (iii) design of the domain-specific modeling and analysis language for security in automotive IT, (iv) implementation, (v) iterative testing and validation of the domain-specific language, (vi) inclusion of Tool chain integration, (vii) vehicle security parameters, and (viii) dissemination. The work will be done iteratively.

The project description has been provided by the project members themselves and the text has not been looked at by our editors.

Last updated 8 January 2019

Reference number 2017-03087

Page statistics