Christine Jakobs, Matthias Werner, Karsten Schmidt, Gerhard Hansch
DOI: 10.1145/3488904.3493377 (https://doi.org/10.1145/3488904.3493377)
Published in: Proceedings of the 5th ACM Computer Science in Cars Symposium
Publication date: 2021-11-30
Citation count: 2 (Semantic Scholar)
Following the White Rabbit: Integrity Verification Based on Risk Analysis Results
Security is a cross-cutting issue in the automotive development process. The nature of cross-cutting issues demands constant coordination between different stakeholders. Changes in vehicle functionalities lead to recurring security analysis steps, raising the complexity of progress tracking. While those process steps are typically done at the function level, the vehicle architecture has to be verified as a composite, too. This is mostly done late in the development process, by testing. Thus, architectural mismatches between the security demands of different functionalities are often revealed too late. Starting from the definition of integrity as a system property of the information flow, we present the link from the MoRA approach to the architectural modeling and analysis approach. Verification of the no-command-up policy is transferred to the temporal logic TLA+, allowing an early and fast architecture verification.