Wireless interface network security assessment

Method Purpose Short description of the method's purpose and main benefits

Method description A detailed description of the method

Electronic systems may be equipped with multiple wireless interfaces, such as Wi-Fi and radio interfaces, to allow the exchange of different kinds of data with the outside. The agricultural sector increasingly relies on automated vehicles. These machines are often based on a CANbus control network and equipped with different wireless interfaces to implement different functionalities, such as remote control through radio links, GPS-based localization, and Wi-Fi-based data exchange. In some cases, these interfaces are directly connected with the system’s internal data bus which is also linked to other vital parts of the system, such as, in case of vehicles, the Electronic Control Units (ECUs) [WIN1]. In this way, the remote execution of malicious code sent via wireless remote-control interfaces may be critical for the all system [WIN2] [WIN3]. The assessment of the system security against attacks carried on through wireless interfaces is of primary importance, depends not only on the considered wireless communication technology but also on the system structure, and may be performed through different methods [WIN4]. The method consists in a framework for evaluating the network security of agricultural vehicles, in particular CANbus Security and Network Segmentation, Remote control based on Radio-Links, Wireless Gateways, and GPS security. Taking as input the architecture of the control network, the framework evaluates the vulnerabilities focusing on the analysis of attack models, verifying if they allow directly accessing portions of the control network, estimating the impact on the network.

Method Strengths A listof the strengths of the method

Many critical threats and hazards can be thoroughly investigated
Ease of result exploitation compared to advanced penetration testing strategies
Possible application in a large set of scenarios to investigate a wide set of possible attacks
Allow schematization of common vulnerabilities in wireless interfaces, such as radio link and Wi-Fi interfaces

Method Limitations The limitations of the method

The applicability may be affected by the frequency bands and the usually proprietary protocols used for the radio link communications and by the internal data bus network segmentation [GAPM-WIN01].
The achievable accuracy may depend on different factors, including the power of the received signal and the received signal to noise ratio [GAPM-WIN02].
It may require heavy human intervention, especially in the initial “tuning” phase when the different tested attacks need to be adapted to the attacked system [GAPM-WIN03].
The application in a real (TRL6-7) environment may not be straightforward. Further effort is required to integrate the method in a ready-to-use tool [GAPM-WIN04].

Method References Bibliography references to papers about the method.

[WIN1] Miller C., Valasek C., "A survey of remote automotive attack surfaces", black hat USA 2014, whitepaper, 2014.

[WIN2] Miller C., Valasek C., "Adventures in automotive networks and control units", Def Con 21 whitepaper, 2013.

[WIN3] Pan L., Zheng X., Chen, H. X., Luan T., Bootwala H., Batten L., "Cyber security attacks to modern vehicular systems", Journal of Information Security and Applications, volume 36, pages 90-100, 2017.

[WIN4] "The Open Web Application Security Project (OWASP)", https://owasp.org/

Method Dimensions

Evaluation Environment Type Type of environment where the method is applied. It can be more than one type of environment. (Dimension 1)

Evaluation Type Type of evaluation performed with that method. If a method is hybrid, more than one type can be selected. (Dimension 2)

Type of Component Under Evaluation Type of components that can be evaluated with that method. It can be more than one type. (Dimension 3)

Evaluation Stage The evaluation stage where the method is used. (Dimension 5)

Purpose of the Component Under Evaluation The type of purpose that can be evaluated by a method. It can be more than one type. (Dimension 6)

Type of Requirement Under Evaluation The type of requirements that a method is able to evaluate. It can be more than one type. (Dimension 7)

Evaluation Performance Indicator The type of evaluation criteria or KPI that a method is able to improve. It can be more than one type. (Dimension 8)

Relations

Related Methods A method could be related to other methods.

Tools A method can use zero or more tools.

Part Method A method (when it is a combination: Combination of method artefact that is a specialization of a V&V Method) could be composed of a set of V&V Methods.

Test Case or Verification and Validation activity Test Case or V&V activity performed in a Use Case. We will link to the method to the test cases where the method is used.

Standards A method can be linked with standards.

Context

Workflow

Contents

There are currently no items in this folder.