THREAT MOVE (THREAT MOdeling and simulation of VEhicle IT)
|Coordinator||KUNGLIGA TEKNISKA HÖGSKOLAN - KTH EES|
|Funding from Vinnova||SEK 7 079 900|
|Project duration||October 2017 - September 2021|
Purpose and goal
The increasing level of computerization makes modern vehicles vulnerable to cyber attacks. Software-based tools for threat modeling and simulation can be used to assess the probability that an attacker manages to reach different parts of the vehicle system. However, today there are no such tools for the transport domain. The goal is to develop a threat modeling and simulation language that allows for real-world modeling and simulation of vehicle information system attacks, as well as implementing and testing the language with real-world systems.
Expected results and effects
The threat modeling and attack simulation language for vehicle IT will be useful in both design and operational phases, thus contributing to increased understanding of security challenges and risks. The language will be freely available to the automotive industry, academia and other interested parties. Furthermore, the language will be concretized as a module in securiCAD from Foreseeti. The work will build up security skills in general and for vehicle IT specifically. Several research articles will be published where methods and models are presented and validated with use cases.
Planned approach and implementation
The project is expected to last from October 2017 to September 2021 and is divided into eight work packages: (i) project management, (ii) development of a framework for the domain-specific language, (iii) design of the domain-specific modeling and analysis language for security in automotive IT, (iv) implementation, (v) iterative testing and validation of the domain-specific language, (vi) inclusion of Tool chain integration, (vii) vehicle security parameters, and (viii) dissemination. The work will be done iteratively.