SwePub
Sök i SwePub databas

  Utökad sökning

Träfflista för sökning "WFRF:(Rosenstatter Thomas) "

Sökning: WFRF:(Rosenstatter Thomas)

  • Resultat 1-14 av 14
Sortera/gruppera träfflistan
   
NumreringReferensOmslagsbildHitta
1.
  • Aramrattana, Maytheewat, 1988-, et al. (författare)
  • Team Halmstad Approach to Cooperative Driving in the Grand Cooperative Driving Challenge 2016
  • 2018
  • Ingår i: IEEE transactions on intelligent transportation systems (Print). - Piscataway, N.J. : Institute of Electrical and Electronics Engineers Inc.. - 1524-9050 .- 1558-0016. ; 19:4, s. 1248-1261
  • Tidskriftsartikel (refereegranskat)abstract
    • This paper is an experience report of team Halmstad from the participation in a competition organised by the i-GAME project, the Grand Cooperative Driving Challenge 2016. The competition was held in Helmond, The Netherlands, during the last weekend of May 2016. We give an overview of our car’s control and communication system that was developed for the competition following the requirements and specifications of the i-GAME project. In particular, we describe our implementation of cooperative adaptive cruise control, our solution to the communication and logging requirements, as well as the high level decision making support. For the actual competition we did not manage to completely reach all of the goals set out by the organizers as well as ourselves. However, this did not prevent us from outperforming the competition. Moreover, the competition allowed us to collect data for further evaluation of our solutions to cooperative driving. Thus, we discuss what we believe were the strong points of our system, and discuss post-competition evaluation of the developments that were not fully integrated into our system during competition time. © 2000-2011 IEEE.
  •  
2.
  • Jolak, Rodi, et al. (författare)
  • CONSERVE: A framework for the selection of techniques for monitoring containers security
  • 2022
  • Ingår i: Journal of Systems and Software. - : Elsevier BV. - 0164-1212 .- 1873-1228. ; 186:April
  • Tidskriftsartikel (refereegranskat)abstract
    • Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits. © 2021 The Authors
  •  
3.
  • Jolak, Rodi, 1985, et al. (författare)
  • RIPOSTE: A Collaborative Cyber Attack Response Framework for Automotive Systems
  • 2022
  • Ingår i: Proceedings - 48th Euromicro Conference on Software Engineering and Advanced Applications, SEAA 2022. - : IEEE conference proceedings. ; , s. 350-357
  • Konferensbidrag (refereegranskat)abstract
    • The automotive domain has got its own share of advancements in information and communication technology, providing more services and leading to more connectivity. However, more connectivity and openness raise cyber security and safety concerns. Indeed, services that depend on online connectivity can serve as entry points for attacks on different assets of the vehicle. This study explores collaborative ways of selecting response techniques to counter real-time cyber attacks on automotive systems. The aim is to mitigate the attacks more quickly than a single vehicle would be able to do, and increase the survivability chances of the collaborating vehicles. To achieve that, the design science research methodology is employed. As a result, we present RIPOSTE, a framework for collaborative real-time evaluation and selection of suitable response techniques when an attack is in progress. We evaluate the framework from a safety perspective by conducting a qualitative study involving domain experts. The proposed framework is deemed slightly unsafe, and insights into how to improve the overall safety of the framework are provided.
  •  
4.
  • Rosenstatter, Thomas, 1992, et al. (författare)
  • Extending AUTOSAR's Counter-based Solution for Freshness of Authenticated Messages in Vehicles
  • 2019
  • Ingår i: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC. - 1541-0110. ; 2019-December, s. 1-109
  • Konferensbidrag (refereegranskat)abstract
    • Nowadays vehicles have an internal network consisting of more than 100 microcontrollers, so-called Electronic Control Units (ECUs), which control core functionalities, active safety, diagnostics, comfort and infotainment. The Controller Area Network (CAN) bus is one of the most widespread bus technologies in use, and thus is a primary target for attackers. AUTOSAR, an open system platform for vehicles, introduced in version 4.3 SecOC Profile 3, a counter-based solution to provide freshness in authenticated messages to protect the system against replay attacks. In this paper, we analyse and assess this method regarding safety constraints and usability, and discuss design considerations when implementing such a system. Furthermore, we propose a novel security profile addressing the identified deficiencies which allows faster resynchronisation when only truncated counter values are transmitted. Finally, we evaluate our solution in an experimental setup in regard to communication overhead and time to synchronise the freshness counter.
  •  
5.
  • Rosenstatter, Thomas, et al. (författare)
  • Modelling the Level of Trust in a Cooperative Automated Vehicle Control System
  • 2018
  • Ingår i: IEEE transactions on intelligent transportation systems (Print). - Piscataway, NJ : IEEE Press. - 1524-9050 .- 1558-0016. ; 19:4, s. 1267-1247
  • Tidskriftsartikel (refereegranskat)abstract
    • Vehicle-to-vehicle communication is a key technology for achieving increased perception for automated vehicles, where the communication enables virtual sensing by means of sensors in other vehicles. In addition, this technology also allows detection and recognition of objects that are out-of-sight. This paper presents a trust system that allows a cooperative and automated vehicle to make more reliable and safe decisions. The system evaluates the current situation and generates a trust index indicating the level of trust in the environment, the ego vehicle, and the surrounding vehicles. This research goes beyond secure communication and concerns the verification of the received data on a system level. The results show that the proposed method is capable of correctly identifying various traffic situations and how the trust index is used while manoeuvring in a platoon merge scenario.
  •  
6.
  • Rosenstatter, Thomas, 1992 (författare)
  • On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines
  • 2021
  • Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
    • Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements. This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated. The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks. The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes. Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud.
  •  
7.
  • Rosenstatter, Thomas, 1992, et al. (författare)
  • Open Problems when Mapping Automotive Security Levels to System Requirements
  • 2018
  • Ingår i: Proceedings of the 4th International Conference on Vehicle Technology and Intelligent Transport Systems. - : SCITEPRESS - Science and Technology Publications. - 9789897582936 ; 2018-March, s. 251-260
  • Konferensbidrag (refereegranskat)abstract
    • Securing the vehicle has become an important matter in the automotive industry. The communication of vehicles increases tremendously, they communicate with each other and to the infrastructure, they will be remotely diagnosed and provide the users with third-party applications. Given these areas of application, it is evident that a security standard for the automotive domain that considers security from the beginning of the development phase to the operational and maintenance phases is needed. Proposed security models in the automotive domain describe how to derive different security levels that indicate the demand on security, but do not further provide methods that map these levels to predefined system requirements nor security mechanisms. We continue at this point and describe open problems that need to be addressed in a prospective security framework for the automotive domain. Based on a study of several safety and security standards from other areas as well as suggested automotive security models, we propose an appropriate representation of security levels which is similar to, and will work in parallel with traditional safety, and a method to perform the mapping to a set of predefined system requirements, design rules and security mechanisms.
  •  
8.
  • Rosenstatter, Thomas, 1992, et al. (författare)
  • REMIND: A Framework for the Resilient Design of Automotive Systems
  • 2020
  • Bok (övrigt vetenskapligt/konstnärligt)abstract
    • In the past years, great effort has been spent on enhancing the security and safety of vehicular systems. Current advances in information and communication technology have increased the complexity of these systems and lead to extended functionalities towards self-driving and more connectivity. Unfortunately, these advances open the door for diverse and newly emerging attacks that hamper the security and, thus, the safety of vehicular systems. In this paper, we contribute to supporting the design of resilient automotive systems. We review and analyze scientific literature on resilience techniques, fault tolerance, and dependability. As a result, we present the REMIND resilience framework providing techniques for attack detection, mitigation, recovery, and resilience endurance. Moreover, we provide guidelines on how the REMIND framework can be used against common security threats and attacks and further discuss the trade-offs when applying these guidelines.
  •  
9.
  • Rosenstatter, Thomas, 1992 (författare)
  • Towards a Standardised Framework for Securing Connected Vehicles
  • 2019
  • Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
    • Vehicular security was long limited to physical security - to prevent theft. However, the trend of adding more comfort functions and delegating advanced driving tasks back to the vehicle increased the magnitude of attacks, making cybersecurity inevitable. Attackers only need to find one vulnerability in the myriad of electronic control units (ECUs) and communication technologies used in a vehicle to compromise its functions. Vehicles might also be attacked by the owners, who want to modify or even disable certain vehicle functions. Many different parties are involved in the development of such a complex system as the functions are distributed over more than 100 ECUs, making it difficult to get an overall picture of the achieved security. Therefore, moving towards a standardised security framework tailored for the automotive domain is necessary. In this thesis we study various safety and security standards and proposed frameworks from different industrial domains with respect to their way of classifying demands in the form of levels and their methods to derive requirements. In our proposed framework, we suggest security levels appropriate for automotive systems and continue with a mapping between these security levels and identified security mechanisms and design rules to provide basic security. We further study in detail a mechanism which provides freshness to authenticated messages, namely AUTOSAR SecOC Profile 3, and present a novel extension that offers a faster synchronisation between ECUs and reduces the number of required messages for synchronisation.
  •  
10.
  • Rosenstatter, Thomas, 1992, et al. (författare)
  • Towards a Standardized Mapping from Automotive Security Levels to Security Mechanisms
  • 2018
  • Ingår i: IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC. ; 2018-November, s. 1501-1507
  • Konferensbidrag (refereegranskat)abstract
    • Modern vehicles are becoming targets and need to be secured throughout their lifetime. There exist several risk assessment models which can be used to derive security levels that describe to what extent components, functions and messages (signals), need to be protected. These models provide methods to gather application specific security requirements based on identified threat and item combinations that need to be coped with. However, a standardized mapping between security levels and required mandatory security mechanisms and design rules is currently missing. We address this problem first by suggesting that the risk assessment process should result in five security levels, similar to the functional safety standard ISO 26262. Second, we identify suitable security mechanisms and design rules for automotive system design and associate them with appropriate security levels. Our proposed methodology is as much as possible aligned with ISO 26262 and we believe that it should therefore be realistic to deploy in existing organizations.
  •  
11.
  • Rosenstatter, Thomas, et al. (författare)
  • Towards Synthetic Data Generation of VANET Attacks for Efficient Testing
  • 2023
  • Ingår i: 2023 IEEE Intelligent Vehicles Symposium (IV).
  • Konferensbidrag (refereegranskat)abstract
    • Vehicle-to-Vehicle communication can improve traffic safety and efficiency. This technology, however, increases the attack surface, making new attacks possible. To cope with these threats, researchers have made a great effort to identify and explore the potential of cyberattacks and also proposed various intrusion or misbehaviour detection systems, in particular machine learning-based solutions. Simulations have become essential to design and evaluate such detection systems as there are no real publicly available Vehicular Ad-Hoc Network (VANET) datasets containing a variety of attacks. The drawback is that simulations require a significant amount of computational resources and time for configuration. In this paper, we present an attack simulation and generation framework that allows training the attack generator with either simulated or real VANET attacks. We outline the structure of our proposed framework and describe the setup of a standard-compliant attack simulator that generates valid standardised CAM and DENM messages specified by ETSI in the Cooperative Intelligent Transport Systems (C-ITS) standards. Based on the introduced framework, we demonstrate the feasibility of using deep learning for the generation of VANET attacks, which ultimately allows us to test and verify prototypes without running resource-demanding simulations.
  •  
12.
  • Rosenstatter, Thomas, 1992, et al. (författare)
  • V2C: A Trust-Based Vehicle to Cloud Anomaly Detection Framework for Automotive Systems
  • 2021
  • Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : ACM. ; , s. 1-10
  • Konferensbidrag (refereegranskat)abstract
    • Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks. As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon.
  •  
13.
  • Strandberg, Kim, 1980, et al. (författare)
  • Resilient Shield: Reinforcing the Resilience of Vehicles Against Security Threats
  • 2021
  • Ingår i: IEEE Vehicular Technology Conference. - 1550-2252. ; 2021-April
  • Konferensbidrag (refereegranskat)abstract
    • Vehicles have become complex computer systems with multiple communication interfaces. In the future, vehicles will have even more connections to e.g., infrastructure, pedestrian smartphones, cloud, road-side-units and the Internet. External and physical interfaces, as well as internal communication buses have shown to have potential to be exploited for attack purposes. As a consequence, there is an increase in regulations which demand compliance with vehicle cyber resilience requirements. However, there is currently no clear guidance on how to comply with these regulations from a technical perspective.To address this issue, we have performed a comprehensive threat and risk analysis based on published attacks against vehicles from the past 10 years, from which we further derive necessary security and resilience techniques. The work is done using the SPMT methodology where we identify vital vehicle assets, threat actors, their motivations and objectives, and develop a comprehensive threat model. Moreover, we develop a comprehensive attack model by analyzing the identified threats and attacks. These attacks are filtered and categorized based on attack type, probability, and consequence criteria. Additionally, we perform an exhaustive mapping between asset, attack, threat actor, threat category, and required mitigation mechanism for each attack, resulting in a presentation of a secure and resilient vehicle design. Ultimately, we present the Resilient Shield a novel and imperative framework to justify and ensure security and resilience within the automotive domain.
  •  
14.
  • Vahidi, Arash, et al. (författare)
  • Systematic Evaluation of Automotive Intrusion Detection Datasets
  • 2022
  • Ingår i: Proceedings of the 6th ACM Computer Sciencein Cars Symposium (CSCS ’22), December 8, 2022, Ingolstadt, Germany. ACM,New York, NY, USA. - New York, NY, USA : Association for Computing Machinery. - 9781450397865
  • Konferensbidrag (refereegranskat)abstract
    • Some current and next generation security solutions employ machine learning and related technologies. Due to the nature of these applications, correct use of machine learning can be critical. One area that is of particular interest in this regard is the use of appropriate data for training and evaluation. In this work, we investigate different characteristics of datasets for security applications and propose a number of qualitative and quantitative metrics which can be evaluated with limited domain knowledge. We illustrate the need for such metrics by analyzing a number of datasets for anomaly and intrusion detection in automotive systems, covering both internal vehicle network and vehicle-to-vehicle (V2V) communication. We demonstrate how the proposed metrics can be used to learn the strengths and weaknesses in these datasets.
  •  
Skapa referenser, mejla, bekava och länka
  • Resultat 1-14 av 14

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

 
pil uppåt Stäng

Kopiera och spara länken för att återkomma till aktuell vy