THREAT MOVE (THREAT MOdeling and simulation of VEhicle IT)

Purpose and goal

The project "Threat modeling and simulation of vehicle IT" 2017-2022, had the purpose to develop a method that can model and simulate the cyber security of the internal IT environments in vehicles. KTH and Foreseeti have previously developed a framework that formed the basis for the work in this project. Using this framework, the project developed a domain-specific threat modeling and attack simulation language for vehicle IT, called vehicleLang. The language has been tested through both academic and practical activities. A tested vehicleLang was the main deliverable in the project.

Expected results and effects

The project has produced more than eight academic articles, sixteen theses, thirteen vulnerabilities, and multitudes of media appearances. For example: Katsikeas, Johnsson, Hacks, & Lagerström, "VehicleLang: A probabilistic modeling and simulation language for modern vehicle IT infrastructures," in Computers & Security, vol. 117, 2022. van der Schoot, “Validating vehicleLang, a domain-specific threat modeling language, from an attacker and industry perspective,” KTH, 2020. CVE-2019-12941 Svt Nyheter, 11 Oct. 2020, "Warning: Connected cars can be hacked and taken over".

Planned approach and implementation

The project was led by the Royal Institute of Technology and was a collaboration between Foreseeti, WithSecure, Scania, and Volvo Cars. It was very successful bringing the entire value chain from research, via innovative companies, to end users. In addition to the main deliverable, vehicleLang, another focus has been on penetration tests of vehicle equipment. To examine how resilient various components are against IT attacks. These tests have both provided insights directly applicable to its developers and input to the modeling language.

External links

https://autosec.se/threat-move-results/