The SAFERtec project on V2I security assurance: concept and vision

Slides:



Advertisements
Similar presentations
Module 1 Evaluation Overview © Crown Copyright (2000)
Advertisements

The design process IACT 403 IACT 931 CSCI 324 Human Computer Interface Lecturer:Gene Awyzio Room:3.117 Phone:
GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
ITIL: Service Transition
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
UGDIE KICK-OFF MEETING F-MAN 1 ΑΝΝΕΧ 1-A by UGDIE.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
Project Presentation.
Assurance Case Approach TECNALIA Inspiring Business Novara November, 2013 TRIAL WS.
IP-Based Emergency Applications and Services for Next Generation Networks PEACE Presented by Suji Gunaratne PhD.
ESA/ESTEC, TEC-QQS August 8, 2005 SAS_05_ESA SW PA R&D_Winzer,Prades Slide 1 Software Product Assurance (PA) R&D Road mapping Activities ESA/ESTEC TEC-QQS.
Benoît ESNAULT Commission de Régulation de l’Energie 17th Madrid Forum Madrid, 15 January year network development plan ERGEG recommendations.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.
ISO 9001:2008 to ISO 9001:2015 Summary of Changes
Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No ) Business Convergence WS#2 Smart Grid Technologies.
SAFESPOT Project Kick off Meeting February 16 th and 17 th 2006 Rome 1 Integrated Project Co-operative Systems for Road Safety “Smart Vehicles on Smart.
The use of Formal Standards to Boost Creativity for Computing Students Gill Whitney Principal Lecturer, Middlesex University, School of Engineering and.
MANISH GUPTA. Presentation Outline Introduction Motivation Content Expected Impact Funding Schemes & Budget.
Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.
Experience from H2020 Proposals (a personal assessment)
DG Enterprise and Industry European Commission Standardisation Aspects of ICT and e-Business Antonio Conte Unit D4 - ICT for Competitiveness and Innovation.
IoT R&I on IoT integration and platforms INTERNET OF THINGS
SIS20 Ensuring long term viability of ITS decision making tools.
European Truck Platooning Conference Amsterdam, 07 April 2016 Liam Breslin Sustainable Surface Transport DG Research & Innovation European Commission Research.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI D4.4 and the EGI review Dr Linda Cornwall 19 th Sept 2011 D4.41.
Eric Peirano, Ph.D., TECHNOFI, COO
Security and resilience for Smart Hospitals Key findings
OrbEEt Project Introduction <Location>, <Date> Presenter
SAE Cybersecurity Standards Activity
Information Systems Development
ECHORD++: An Experiment in Robotics Innovation
UNDERSTANDING ISO 9001:2008.
Performing Risk Analysis and Testing: Outsource or In-house
ITIL: Service Transition
An Overview on Risk Management
Eric Peirano, Ph.D., TECHNOFI, COO
Analysis of Current Maturity Models and Standards
Update from the Faster Payments Task Force
Security of In-Vehicle Software
MEM Cybersecurity Working Group Update to PCD Technical Committee
Cyber Resilient Energy Delivery Consortium
Jack Pokrzywa Director Ground Vehicle Standards, SAE International
ASSET - Automotive Software cyber SEcuriTy
FMEA.
Standards for success in city IT and construction projects
HCI in the software process
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
GNSS opportunities in Road Transportation
Information Systems Development
V-Con project (October March 2017)
EU R&D in cybersecurity's certification
Cyber-security and IEC International Standards
A Must to Know - Testing IoT
Presentation to TRAN Committee
Chapter 27 Security Engineering
AUTOmated driving Progressed by the Internet Of Things
HCI in the software process
2 OVERVIEW Cybersecurity initiative launched in July 2015 to create a trusted environment to address Cybersecurity -- Focus on the security needs of operators.
Presented by Prof. dr. Nermin Suljanović Elektroinštitut Milan Vidmar
Group Meeting Ming Hong Tsai Date :
Draft Methodology for impact analysis of ESS.VIP Projects
MANAGING THE DEVELOPMENT AND PURCHASE OF INFORMATION SYSTEMS
Replies by the Task Force to the comments provided by GRVA members
H2020 Infoday on Photonics Topics
Sammy Haddad, Research Manager, Oppida
ETSI Contribution to 3rd Meeting of EC Expert Group on RRS
Alliance for Telecommunications Industry Solutions (ATIS) Update
ESS Vision and VALIDATION
Evoluon Congress Center Helmond Automotive Campus
Presentation transcript:

The SAFERtec project on V2I security assurance: concept and vision Panagiotis Pantazopoulos, PhD Institute of Communication and Computer Systems SAFERtec session, Oslo, Norway 14 September 2017

Presentation break-down Where is our focus placed-on? Why we consider the problem interesting/important? How do we tackle it ? 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 2

What is SAFERtec all about? (out of 187 words taken from the project abstract and the summary of the ‘proposed solution’ text-box) 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 3

Connected vehicles: an emerging paradigm a dynamic Cyber-physical system comprised by highly-equipped infrastructure-connected vehicles They integrate a large set 3rd party components (including GNSS Receiver) and apps Numerous interfaces and an increased attack surface are exposed To what extent are we ‘sure’ that the involved technology meets the requirements for safety/security/privacy… Focus on V2I 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 4

Quantifying assurance levels.. Quantification of the involved levels is complex and costly ! Typically relies on generic frameworks not tailored for the connected-vehicle-ecosystem Strong dependencies between modules The ‘connected vehicles’ attack surface is large.. ‘Connected Vehicles’ that are equipped with consumer electronics and telematic services typically integrate a large set 3rd party components and applications. Applications “outside the vehicle” introduced by 3rd party application providers, or an application provider of RSUs/ traffic management centre/cloud-based services have different requirements and impact. Combining security with safety (at all stages of the analysis; threat, vulnerability and risk assessment) is one of the cornerstones of SAFERtec. The main research-question that SAFERtec addresses is to quantify the degree of confidence that all security needs (involved in V2I communication instances) are satisfied. Existing standards and approaches such as NIST FIPS 140-X, ISO Common Criteria 1.3 and recommendations published by the Car-to-Car consortium do not cover all aspects related to the automotive and connected vehicle eco-system, are rather generic and with limited scope, difficult and slow to adapt. 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 5

SAFERtec project in a nutshell Security assurance for connected vehicles …includes work on: Attack modeling and vulnerability analysis on challenging V2I use-cases Design of an agile assurance framework Realization of the use-cases with prototype vehicle(s) and 3rd party hardware Verification of the framework’s accuracy ‘Transforming‘ the framework into an online toolkit Project facts Start date: January 2017 Duration: 36 months Budget: 3.81 Meuro Project Coordinator: Dr. Angelos Amditis, ICCS a.amditis@iccs.gr 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 6

SAFERtec Project objectives Description Comment 1 Provide security assurance Framework for the whole System Development Life Cycle Aim to cover: design, implementation, verification, operation (and maintenance) 2 Provide methods for threat analysis and attack modeling 3 Enhance vulnerability analysis and penetration testing in connected vehicles and V2I systems 4 Define of Metrics (quantification) and KPIs related to system reliability, safety, security and privacy 5 Provide a flexible and cost-efficient security assurance process Aim to have: framework across all modules/system 6 Foster the adaptation of more flexible and cost-efficient assurance methods for the automotive industry, 7 Improve European industrial competitiveness in secure & trusted Connected Vehicle and V2X based ICT 8 Identify gaps in current security assurance practices, formal methods and international accepted standards Standardization plan 9 Assess and evaluate the assurance framework through real world use case scenarios 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 7

How to work: the SAFERtec work plan WP1 Management WP2 modeling & requirements WP3 Assurance framework(AF) WP4 Connected Vehicle System WP5 AF Evaluation WP6 AF Toolkit WP7 Dissemination 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 8

The SAFERtec Vehicle-to-Infrastructure Use-Cases Graphics courtesy of Car 2 Car consortium 14 September 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 9

Thank you! Any Questions? Panagiotis Pantazopoulos, PhD Researcher/Technical Project Manager ICCS ppantaz@iccs.gr

Back-up slides

Project objectives 12 July 2017 Check if a certain product meets the SAFERtec requirements; if not, the product is suggested to be sent back to the manufacturer for ‘improvements’. Thus, we impact the design. Project objectives Objectives Description Comment 1 Provide security assurance Framework for the whole System Development Life Cycle Aim to cover: design, implementation, verification, operation (and maintenance) 2 Provide methods for threat analysis and attack modeling 3 Enhance vulnerability analysis and penetration testing in connected vehicles and V2I systems 4 Define of Metrics (quantification) and KPIs related to system reliability, safety, security and privacy D2.2 “Expression of security needs” 5 Provide a flexible and cost-efficient security assurance process WP3 : same basic set of rules for 80% of the studied cases 6 Foster the adaptation of more flexible and cost-efficient assurance methods for the automotive industry, -//- 7 Improve European industrial competitiveness in secure & trusted Connected Vehicle and V2X based ICT 8 Identify gaps in current security assurance practices, formal methods and international accepted standards Standardization plan already in the proposal. Updates to be discussed. 1 explicit contribution, extension or recommendation to a relevant standard 9 Assess and evaluate the assurance framework through real world use case scenarios 12 July 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 12

Risk management A risk matrix set up at the project kick- off Updated in the D1.2 –Risk and Quality Procedures Manual To be updated in every quarter of the project 12 July 2017 SAFERtec workshop (in conjunction with ESORICS), Oslo, Norway 13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.