Using Cyber Digital Twins for Automated Automotive Cybersecurity Testing

TL;DR

This paper introduces a novel methodology using cyber digital twins to automate and enhance cybersecurity testing of automotive systems, enabling on-the-fly, effective security validation without prior system knowledge.

Contribution

It presents a new approach combining pattern matching, binary analysis, and model-checking to generate attack vectors dynamically for automotive cybersecurity testing.

Findings

Enables automated generation of attack vectors in real-time

Supports black box testing with minimal prior knowledge

Improves validation of automotive cybersecurity measures

Abstract

Cybersecurity testing of automotive systems has become a practical necessity, with the wide adoption of advanced driving assistance functions and vehicular communications. These functionalities require the integration of information and communication technologies that not only allow for a plethora of on-the-fly configuration abilities, but also provide a huge surface for attacks. Theses circumstances have also been recognized by standardization and regulation bodies, making the need for not only proper cybersecurity engineering but also proving the effectiveness of security measures by verification and validation through testing also a formal necessity. In order to keep pace with the rapidly growing demand of neutral-party security testing of vehicular systems, novel approaches are needed. This paper therefore presents a methodology to create and execute cybersecurity test cases on the fly in a black box setting by using pattern matching-based binary analysis and translation mechanisms to formal attack descriptions as well as model-checking techniques. The approach is intended to generate meaningful attack vectors on a system with next-to-zero a priori knowledge.