Vehicles are increasingly connected to different types of networks, making them targets for potential attacks. Consider

Business, Finance, Economics, Accounting, Operations Management, Computer Science, Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Algebra, Precalculus, Statistics and Probabilty, Advanced Math, Physics, Chemistry, Biology, Nursing, Psychology, Certifications, Tests, Prep, and more.
Post Reply
answerhappygod
Site Admin
Posts: 899603
Joined: Mon Aug 02, 2021 8:13 am

Vehicles are increasingly connected to different types of networks, making them targets for potential attacks. Consider

Post by answerhappygod »

Vehicles are increasingly connected to different types of
networks, making them targets for
potential attacks. Consider a smart vehicle prototype that works as
follows:

- Multiple types of sensors, including cameras, lidar sensors, and
infrared sensors, are used to detect
road conditions to provide varying degrees of autonomous driving
support;
- All data from sensors are transmitted to the on-board computer
for decision making. An on-board
backup server stores all data in the backend;
- The user can interact with the on-board computer via a
touchscreen;
- When the driver is not in the vehicle, the vehicle sets up an
alarm mode. Drivers get alarms
through their smartphones. Optionally, alarms can also be sent to
the police;
- The software on-board can be updated remotely by the vehicle
manufacturer, with the permission
of the driver.
- The operation of the vehicle will be simplified as follows: the
on-board computer processes the
sensor readings and makes decisions such as speed maintenance and
braking operation. The
driver’s input will override the computer decisions and will take
priority. Once the driver exits the
vehicle, the doors should be automatically locked and the vehicle
enters alarm mode.

Based on this description, plot a level 0 and level 1 DFD diagram
with the following external
entities: vehicle manufacturer, driver, and police. You may assume
that there is only one on-board
computer for decision making, and one on-board backup server for
storage of all data. You may
add additional details and assumptions as you see necessary. In the
level 0, all entities including
sensors, the on-board computer and the on-board server should be
plotted. In level 1, you should
focus on the operations of the vehicle and plot the basic functions
and processes including speed
maintenance, braking, and alarm mode.

Carry out a STRIDE analysis for the system in the previous problem,
and list the STRIDE analysis
table. Based on the table, identify three possible attacks to the
vehicle and mitigation methods for
each of them.

Now consider the goal of spoofing the identity of a user to get
access to the vehicle. Can you
develop an attack tree to list possible attack methods
systematically?
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!
Top
Post Reply

Return to “Archived Questions & Answers”