Interdisciplinary Research Center on Critical Systems Engineering for Socio-Technical Systems - PowerPoint PPT Presentation



SLIDE 1

Project: Interdisciplinary Research Center on Critical Systems Engineering for Socio-Technical Systems (CSE) Web: http://www.uni-oldenburg.de/cse/ Event: OPCT, 2017-06-29

Interdisciplinary Research Center on Critical Systems Engineering for Socio-Technical Systems

Concurrency Theoretical Problems that matter for Security

Sibylle Fröschle

With Marlon Gräfing, Thomas Strathmann, Alexander Stühring, Jithin Zacharias


SLIDE 2


Networked and Automated Systems: Automotive & Maritime


SLIDE 3


Security News: Automotive


Figure (press headlines on automotive security; only sources and dates survive):

  • www.forbes.com, 24.07.2013
  • gizmodo.com, 21.7.2015
  • Die Welt, 24.4.2016
  • heise Security, 15.02.2017

SLIDE 4


How can cyber-physical systems be developed and operated in a safe and secure way? How can this be done in a verifiable, and hence certifiable, manner?

SLIDE 5


Plan

  • 1. V2X Security Architecture
  • 2. Analysis of Complex Cryptographic Architectures
  • 3. Safety & Security Engineering
  • 4. Conclusions
SLIDE 6


Communication Security


˃ Cryptography to ensure message integrity and privacy
˃ Public Key Infrastructure for key management

Assumption: Attacker present (open channel)

Example: ETSI V2X Standards

Figure (ETSI V2X security architecture): Enrolment Authority, Authorization Authority, Roadside Unit, PDA, Vehicle, Vehicle; Enrolment over Secure Channel; Authorization over Secure Channel; Cooperative Awareness & Safety Notifications with Digital Signatures & Pseudonyms

SLIDE 7


Endpoint Security?



Example: ETSI V2X Standards

Malware

Assumption: Endpoint compromised

SLIDE 8


Endpoint Security


Figure (trust anchors): Smartcard, Trusted Platform Module, Automotive HSM, Large HSM

˃ Hardware Security Modules (HSMs) as trust anchors
˃ Enable secure key management and platform integrity


Example: ETSI V2X Standards

SLIDE 9


Plan

  • 1. V2X Security Architecture
  • 2. Analysis of Complex Cryptographic Architectures
  • 3. Safety & Security Engineering
  • 4. Conclusions
SLIDE 10


Analysis of Cryptographic Architectures


Security Protocols and Security APIs: prone to subtle attacks!

Security protocol example (Alice and Bob):

  Alice -> Bob: {NA, A}KB
  Bob -> Alice: {NA, NB}KA
  Alice -> Bob: {NB}KB

Security API example (Host and HSM):

  Host -> HSM: Generate Key (type)
  HSM -> Host: hK (= handle)
  Host -> HSM: Encrypt (data, hK)
  HSM -> Host: {data}K
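A worked model of the host/HSM security API on this slide (Generate Key (type) gives back a handle hK, Encrypt (data, hK) gives back {data}K), added here as an illustration; it is not code from the talk or from any HSM product. It shows the two properties a security-API analysis checks for: the host only ever holds handles, never key bytes, and each key's type fixes what it may be used for, also after the key has been wrapped and unwrapped again. The stand-in cipher (HMAC-SHA256 in counter mode with encrypt-then-MAC, since the standard library has no block cipher), the type names and the policy table are assumptions of this example.

```python
"""Host <-> HSM security API model: handles out, key bytes never out,
usage policy per key type enforced on every call. Added example."""
import hashlib
import hmac
import itertools
import os


class PolicyError(Exception):
    """A host request that the key-usage policy does not permit."""


# Assumed policy (not from any standard): a key is either a data key or a
# wrapping key, never both, so no key can both wrap other keys and decrypt.
ALLOWED = {
    "data": {"encrypt", "decrypt"},
    "wrap": {"wrap", "unwrap"},
}


def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    # Stand-in for a block cipher in counter mode; illustrative only.
    out = b""
    for ctr in itertools.count():
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        if len(out) >= length:
            return out[:length]


def _seal(key, plaintext):
    # nonce || ciphertext || tag, encrypt-then-MAC with separate subkeys
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _open(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


class HSM:
    def __init__(self):
        self._keys = {}                  # handle -> (key_type, key bytes)
        self._handles = itertools.count(1)

    def _use(self, handle, op):
        """Resolve a handle and enforce that `op` is allowed for its type."""
        key_type, key = self._keys[handle]
        if op not in ALLOWED[key_type]:
            raise PolicyError(f"{op} is not permitted for a {key_type!r} key")
        return key

    def key_type(self, handle):
        return self._keys[handle][0]

    def generate_key(self, key_type):       # Generate Key (type) -> hK
        if key_type not in ALLOWED:
            raise PolicyError(f"unknown key type {key_type!r}")
        handle = next(self._handles)
        self._keys[handle] = (key_type, os.urandom(32))
        return handle

    def encrypt(self, handle, data):        # Encrypt (data, hK) -> {data}K
        return _seal(self._use(handle, "encrypt"), data)

    def decrypt(self, handle, blob):
        return _open(self._use(handle, "decrypt"), blob)

    def wrap(self, wrapping_handle, target_handle):
        wkey = self._use(wrapping_handle, "wrap")
        key_type, key = self._keys[target_handle]
        # The type tag travels inside the authenticated blob: unwrap restores it.
        return _seal(wkey, key_type.encode() + b":" + key)

    def unwrap(self, wrapping_handle, blob):
        wkey = self._use(wrapping_handle, "unwrap")
        tag, _, key = _open(wkey, blob).partition(b":")
        key_type = tag.decode()
        if key_type not in ALLOWED:
            raise ValueError("corrupt wrap blob")
        handle = next(self._handles)
        self._keys[handle] = (key_type, key)
        return handle


def violates_policy(call, *args):
    """True if the HSM refuses `call(*args)` on policy grounds."""
    try:
        call(*args)
    except PolicyError:
        return True
    return False
```

The host-visible surface is only integers and byte strings; the policy check sits in `_use`, so every operation goes through it, and a wrapped key cannot come back as a different type because the type is authenticated together with the key bytes.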


SLIDE 12


System-of-Systems Security Goals


Key origin authentication:

Whenever cert is a valid certificate for public key KV and, according to cert, key KV belongs to vehicle V, then the corresponding private key KV^-1 has been generated within V's HSM.

Figure (V2X system of systems): Enrolment Authority, Authorization Authority, Roadside Unit, PDA, Vehicle, Vehicle; Enrolment; Authorization; CAM … Cooperative Awareness Message; DENM … Decentralized Environmental Notification Message; Hardware security modules as anchor of trust: key management, secure communication, secure storage, secure boot & update

  • Can only be reached in a cumulative way
  • Several Parties
  • Evolution, Lifecycle, Key Management
SLIDE 13


Concurrency Theoretical Problems


˃ Context-explicit protocols and APIs
  ˃ Fröschle, POST'15: Leakiness is decidable for well-founded protocols.
  ˃ Chrétien, Cortier, Delaune, CSF'16

˃ Towards compositional and automated verification of protocols
  ˃ Use results on infinite-state process calculi & context-explicitness
  ˃ Cf. Fröschle, ERO'60 (and references therein)

˃ Semantic clarification
  ˃ Multiset rewriting, pi-calculus, strand spaces (a partial order model)
  ˃ Fröschle, Habil'12, Chapter Models

˃ Contract-based requirements for systems of systems
  ˃ FOLTL useful! (see API framework, work in progress for SoS)

SLIDE 14


Plan

  • 1. V2X Security Architecture
  • 2. Analysis of Complex Security Architectures
  • 3. Safety & Security Engineering

      a. System
      b. System of Systems

  • 4. Conclusions
SLIDE 15


Automotive Safety & Security Engineering

ISO 26262 & security extensions, e.g. SAE J3061

Figure (SAE J3061 cybersecurity lifecycle): Management of Cybersecurity; Supporting Processes; Concept Phase: Feature Definition, Initiation of Cybersecurity Lifecycle, Threat Analysis & Risk Assessment, Cybersecurity Concept, Functional Cybersecurity Requirements, Initial Cybersecurity Assessment, Concept Phase Review; Product Development: System Level (Initiation of Product Development at System Level (Planning), Design Phases, Integration & Test Phases, Release for Production); Product Development: Hardware Level; Product Development: Software Level; Production and Operation: Cybersecurity-related production requirements, Maintenance & Repair, Secure Update and Diagnostics, Field Monitoring and Cybersecurity Incident Response

SLIDE 16


Safety & Security Engineering: System


In-Vehicle Attacker:

① Obtain remote code execution on the TCU via a software vulnerability.
② Compromise the gateway ECU, e.g. via an ECU update.
③ Inject cyber-physical messages, e.g. messages that control the steering wheel angle. (Necessary for park assistance: PAM to EPS.)

Figure (in-vehicle network with attack stages ① ② ③): TCU, Gateway, EPS, PAM, Sensor; buses: CAN Drivetrain, CAN Comfort, CAN Infotainment, CAN Diagnostics

CAN … Controller Area Network; TCU … Telematics Control Unit; EPS … Electric Power Steering; PAM … Park Assist Module

˃ Existing security mechanisms & architectures are not yet integrated into the development process
˃ Goal: Reduce risk by an integrated safety & security analysis and concept in early design phases

SLIDE 17


Safety & Security Engineering: System


Safety & Security Concept:

Defence in depth: security measures + safety measures.
① Software security
② Strong access control for ECU update
③ Check of the situational context before a cyber-physical message is executed.

Figure (in-vehicle network with measures ① ② ③): TCU, Gateway, EPS, PAM, Sensor; buses: CAN Drivetrain, CAN Comfort, CAN Infotainment, CAN Diagnostics

CAN … Controller Area Network; TCU … Telematics Control Unit; EPS … Electric Power Steering; PAM … Park Assist Module

Context-Check: Execute messages that control the steering angle only if: PA = on and v < 8 km/h


SLIDE 18


Model-Based Safety & Security Analysis

˃ Method to support the iterative design and evaluation of a high-level safety & security concept

Strathmann, Fröschle, MBEES’17

SLIDE 19


Analyzing the Capabilities of the CAN Attacker



CAN Attacker:

① Silence the sensor ECU -> inject own speed values covertly
② Silence the PAM -> inject own PAM status values covertly
③ Covertly inject messages that control the steering.

˃ Assumption: The attacker has reached Stage (3).
˃ Question: Can he forge the situational context?
˃ Example: EPS thinks v < 8 km/h but the actual speed is v > 160 km/h

Fröschle, Stühring, ESORICS'17
Stühring, Ehmen, Fröschle: DATE'16, Award for best interactive presentation paper
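The context check from the safety & security concept (execute steering messages only if PA = on and v < 8 km/h), together with the plausibility and freshness checks that the CAN-attacker analysis above motivates, as an added example run over constructed frame logs; this is not code from the talk or from any vehicle. Frame IDs, the speed-frame period, the bound on how fast speed may change, and the decision to latch a degraded state once the speed signal looks forged are assumptions of this example.

```python
"""EPS-side context check for steering commands with plausibility and
freshness checks on the speed signal. Added example, constructed data."""
from dataclasses import dataclass, field


@dataclass
class Frame:
    t_ms: int        # receive time on the bus in milliseconds
    can_id: int
    value: float     # decoded signal: speed in km/h, PA status (0/1) or steering angle in degrees


SPEED_ID, PAM_ID, STEER_ID = 0x1A0, 0x2B0, 0x3C0   # assumed IDs, not from any real vehicle
SPEED_PERIOD_MS = 20                                # assumed cadence of the speed frame
MAX_GAP_MS = 3 * SPEED_PERIOD_MS                    # older than this: speed is stale
MAX_DV_KMH_PER_S = 40.0                             # assumed bound on speed change per second


@dataclass
class EpsGate:
    """Receiver that executes a steering command only in the right context."""
    speed: float = None
    speed_t: int = None
    pa_on: bool = False
    degraded: bool = False      # latched once the speed signal looked forged
    executed: list = field(default_factory=list)
    alerts: list = field(default_factory=list)

    def on_frame(self, f):
        if f.can_id == SPEED_ID:
            self._speed(f)
        elif f.can_id == PAM_ID:
            self.pa_on = f.value == 1
        elif f.can_id == STEER_ID:
            self._steer(f)

    def _speed(self, f):
        if self.speed_t is not None:
            gap = f.t_ms - self.speed_t
            if gap > MAX_GAP_MS:
                # The sender went quiet: consistent with a silenced sensor ECU.
                self.alerts.append((f.t_ms, "speed gap"))
            rate = abs(f.value - self.speed) * 1000.0 / gap if gap > 0 else float("inf")
            if rate > MAX_DV_KMH_PER_S:
                # 160 -> 5 km/h within 80 ms is not physics: treat the signal as untrusted.
                self.alerts.append((f.t_ms, "implausible speed jump"))
                self.degraded = True
        self.speed, self.speed_t = f.value, f.t_ms

    def _steer(self, f):
        fresh = self.speed_t is not None and f.t_ms - self.speed_t <= MAX_GAP_MS
        # Context check from the slide: PA = on and v < 8 km/h, with a fresh speed ...
        context_ok = self.pa_on and fresh and self.speed < 8
        # ... and the context must not have been flagged as forged.
        if context_ok and not self.degraded:
            self.executed.append((f.t_ms, f.value))
        else:
            self.alerts.append((f.t_ms, "steering command rejected"))


def analyze(frames):
    """Replay a frame log through the gate and return it for inspection."""
    gate = EpsGate()
    for f in sorted(frames, key=lambda x: x.t_ms):
        gate.on_frame(f)
    return gate


# Constructed logs. Benign: parking at walking pace, PA on, one steering command.
BENIGN_LOG = [Frame(t, SPEED_ID, 5.0) for t in (0, 20, 40)] + [
    Frame(45, PAM_ID, 1), Frame(50, STEER_ID, 12.0)]

# Scenario from the slide: sensor ECU silenced at 160 km/h, then injected
# v = 5 km/h, PA = on and a steering command.
ATTACK_LOG = [Frame(t, SPEED_ID, 160.0) for t in range(0, 200, 20)] + [
    Frame(260, SPEED_ID, 5.0), Frame(262, PAM_ID, 1), Frame(270, STEER_ID, 30.0)]
```

On the attack log the gate raises a "speed gap" alert (80 ms of silence) and an "implausible speed jump" alert (155 km/h lost in 80 ms), latches the degraded state and rejects the steering command even though the forged context alone would satisfy PA = on and v < 8 km/h.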

SLIDE 20


Safety & Security Engineering – System of Systems


˃ In the recent proposals on how to integrate security into the safety engineering process the focus is still on the system level.

˃ Goal: Understand risk at the system-of-systems level and contain risk by architectural measures.

SLIDE 21


Safety & Security Engineering – System of Systems


Example V2X: What can an attacker do with a set of V2X security credentials?

Private key k of vehicle V

Fröschle & Stühring, ESSoS'14
Patrick Uven, Master's thesis '14
Future work with LL AIM


SLIDE 24


  • 1. Local Attack
  • 2. Multiplication Attack: N Locations, N Attackers
  • 3. Escalation Attack: via Malware

Impact Analysis

SLIDE 25


Attack Containment: Principles & Measures

Proportion of attack distribution and physical presence: Whenever there is a distributed attack at locations x1, …, xn then n colluding attackers must be present at locations x1, …, xn.

Design locality and proof of physical presence into the system.

Figure (location witness exchange between RSU and ALICE): the RSU observes a visual characteristic or id of Alice and replies "Here is your location certificate: { I've observed Alice at time T at location X }_skR, certAA(pkR at location X)".
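The location witness certificate from the figure and the containment check it enables, as an added example that is not code from the talk or from any V2X stack. In the design on the slide the RSU signs the statement with its private key skR and the receiver verifies it against pkR, whose location is certified as certAA(pkR at location X); here a per-RSU shared secret with HMAC stands in for the signature because the standard library has no asymmetric signatures, and RSU identifiers, secrets, times, locations and the certificate lifetime are constructed.

```python
"""Location witness certificates: issue, verify, and accept a safety message
only at a witnessed location. Added example with a keyed-MAC stand-in for the
RSU signature and constructed data."""
import hashlib
import hmac
import json

RSU_SECRETS = {"RSU-7": b"constructed-secret-7", "RSU-9": b"constructed-secret-9"}
RSU_LOCATIONS = {"RSU-7": "X", "RSU-9": "Y"}   # what certAA(pkR at location X) binds
WINDOW_S = 30                                   # assumed certificate lifetime in seconds


def _encode(stmt):
    return json.dumps(stmt, sort_keys=True).encode()


def issue_certificate(rsu_id, subject, t, location):
    """RSU side: after observing the subject's visual characteristic or id,
    issue { I've observed <subject> at time T at location X }_skR."""
    if RSU_LOCATIONS[rsu_id] != location:
        raise ValueError("an RSU only witnesses presence at its own location")
    stmt = {"rsu": rsu_id, "subject": subject, "time": t, "location": location}
    tag = hmac.new(RSU_SECRETS[rsu_id], _encode(stmt), hashlib.sha256).hexdigest()
    return {"stmt": stmt, "tag": tag}


def verify_certificate(cert, now):
    """Receiver side: authentic, issued by an RSU certified for the stated
    location, and fresh."""
    stmt = cert["stmt"]
    rsu_id = stmt.get("rsu")
    if rsu_id not in RSU_SECRETS:
        return False
    expect = hmac.new(RSU_SECRETS[rsu_id], _encode(stmt), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(cert["tag"], expect):
        return False
    if RSU_LOCATIONS[rsu_id] != stmt["location"]:
        return False
    return 0 <= now - stmt["time"] <= WINDOW_S


def accept_message(msg, now):
    """A safety message is accepted only if its sender carries a valid witness
    certificate for the very location the message claims."""
    cert = msg["location_cert"]
    stmt = cert["stmt"]
    return (verify_certificate(cert, now)
            and stmt["subject"] == msg["sender"]
            and stmt["location"] == msg["location"])


def witnessed_locations(messages, now):
    """Containment principle: messages get through only at locations where a
    sender was physically witnessed, so an attack spread over n locations needs
    n witnessed, hence physically present, senders."""
    return {m["location"] for m in messages if accept_message(m, now)}


# Constructed scenario: Alice is witnessed at X; the same credential set is then
# used to claim presence at Y, once with the X certificate and once with a
# tampered copy of it.
ALICE_AT_X = issue_certificate("RSU-7", "Alice", 1000, "X")
TAMPERED_AT_Y = {"stmt": dict(ALICE_AT_X["stmt"], location="Y"), "tag": ALICE_AT_X["tag"]}
MESSAGES = [
    {"sender": "Alice", "location": "X", "location_cert": ALICE_AT_X},     # genuine
    {"sender": "Alice", "location": "Y", "location_cert": ALICE_AT_X},     # certificate reused elsewhere
    {"sender": "Alice", "location": "Y", "location_cert": TAMPERED_AT_Y},  # statement changed
]
```

Only the first message survives, so the set of locations at which Alice's credentials have any effect stays at {X}; a multiplication over N locations would require N genuine observations, one per RSU.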

SLIDE 26


Proof of Concept (ongoing/planned work)


① 802.11a devices speak 802.11p
   Escalation attack via malware on standard devices such as laptops and tablets

② Simulation of attack propagation
   with Veins – SUMO + OMNeT++

③ Location witness certificates
   Research intersection – DLR Braunschweig

SLIDE 27


Concurrency Theoretical Challenges


˃ Semantic base for model-based safety & security analysis
  ˃ control, time, probabilities, data
˃ Co-simulation frameworks & statistical model-checking
˃ Compositional Theory and Analysis
˃ Cryptographic architecture versus "cyberphysical behaviour"
˃ Local Units and Containment
˃ Design for Risk Containment
˃ Theory that justifies Engineering Principles

SLIDE 28


Security & Safety for Critical Infrastructures


Manage complexity and contain risk!