Using a Cyber Digital Twin for Continuous Automotive Security Requirements Verification

A Digital Twin (DT) is a digital representation of a physical object used to simulate it before it is built or to predict failures after the object is deployed. The DT concept was originally applied to manufacturing but has been gaining attention in other areas. In this article, we introduce a novel concept called Cyber Digital Twin (CDT), which transfers the idea of the DT to automotive software for the purpose of security analysis. In our approach, the ECU software (i.e., firmware) is transformed into a CDT, which contains automatically extracted, security-relevant information from the firmware. With this, we can evaluate automotive security requirements through automated security requirements verification using policy enforcement checks and detection of security vulnerabilities. The evaluation can be done continuously using newly integrated checks and published security vulnerabilities.

READ FULL TEXT

page 1

page 8

research
04/29/2022

A Digital Twin Framework for Cyber Security in Cyber-Physical Systems

Currently, most of the research in digital twins focuses on simulation a...
research
05/22/2022

Digital Twin for Secure Semiconductor Lifecycle Management: Prospects and Applications

The expansive globalization of the semiconductor supply chain has introd...
research
09/09/2019

Análise de Segurança Baseada em Roles para Fábricas de Software

Most software factories contain applications with sensitive information ...
research
09/06/2019

Security Requirements of Commercial Drones for Public Authorities by Vulnerability Analysis of Applications

Due to the ability to overcome the geospatial limitations and to the pos...
research
10/30/2020

Evaluation of vulnerability reproducibility in container-based Cyber Range

A cyber range, a practical and highly educational information security e...
research
06/14/2022

Data security as a top priority in the digital world: preserve data value by being proactive and thinking security first

Today, large amounts of data are being continuously produced, collected,...
research
06/05/2019

Updating the Wassenaar Debate Once Again: Surveillance, Intrusion Software, and Ambiguity

This paper analyzes a recent debate on regulating cyber weapons through ...

Please sign up or login with your details

Forgot password? Click here to reset