How to Model Privacy Threats in the Automotive Domain

03/18/2023

∙

This paper questions how to approach threat modelling in the automotive domain at both an abstract level that features no domain-specific entities such as the CAN bus and, separately, at a detailed level. It addresses such questions by contributing a systematic method that is currently affected by the analyst's subjectivity because most of its inner operations are only defined informally. However, this potential limitation is overcome when candidate threats are identified and left to everyone's scrutiny. The systematic method is demonstrated on the established LINDDUN threat modelling methodology with respect to 4 pivotal works on privacy threat modelling in automotive. As a result, 8 threats that the authors deem not representable in LINDDUN are identified and suggested as possible candidate extensions to LINDDUN. Also, 56 threats are identified providing a detailed, automotive-specific model of threats.

READ FULL TEXT

How to Model Privacy Threats in the Automotive Domain

A Threat Model for Soft Privacy on Smart Cars

Privacy Threats on the Internet of Medical Things

Up-to-date Threat Modelling for Soft Privacy on Smart Cars

Characteristics and Main Threats about Multi-Factor Authentication: A Survey

Poster: Patient Community – A Test Bed For Privacy Threat Analysis

Fair Context-Aware Privacy Threat Modelling

Threat Modelling in Virtual Assistant Hub Devices Compared With User Risk Perceptions (2021)

How to Model Privacy Threats in the Automotive Domain

Related Research

A Threat Model for Soft Privacy on Smart Cars

Privacy Threats on the Internet of Medical Things

Up-to-date Threat Modelling for Soft Privacy on Smart Cars

Characteristics and Main Threats about Multi-Factor Authentication: A Survey

Poster: Patient Community – A Test Bed For Privacy Threat Analysis

Fair Context-Aware Privacy Threat Modelling

Threat Modelling in Virtual Assistant Hub Devices Compared With User Risk Perceptions (2021)