%0 Conference Paper %1 weiss2021automated %A Weiss, Nils %A Renner, Sebastian %A Mottok, Jürgen %A Vaclav, Matousek %B 8th Embedded Security in Cars Conference (ESCAR USA) %D 2021 %K srenn %T Automated Threat Evaluation of Automotive Diagnostic Protocols %X Diagnostic protocols in automotive systems can offer a huge attack surface with devastating impacts if vulnerabilities are present. This paper shows the application of active automata learning techniques for reverse engineering system state machines of automotive systems. The developed black-box testing strategy is based on diagnostic protocol communi- cation. Through this approach, it is possible to automatically investigate a highly increased attack surface. Based on a new metric, introduced in this paper, we are able to rate the pos- sible attack surface of an entire vehicle or a single Electronic Control Unit (ECU). A novel attack surface metric allows comparisons of different ECUs from different Original Equip- ment Manufacturers (OEMs), even between different diagnostic protocols. Additionally, we demonstrate the analysis capabilities of our graph-based model to evaluate an ECUs possible attack surface over a lifetime

@inproceedings{weiss2021automated, abstract = {Diagnostic protocols in automotive systems can offer a huge attack surface with devastating impacts if vulnerabilities are present. This paper shows the application of active automata learning techniques for reverse engineering system state machines of automotive systems. The developed black-box testing strategy is based on diagnostic protocol communi- cation. Through this approach, it is possible to automatically investigate a highly increased attack surface. Based on a new metric, introduced in this paper, we are able to rate the pos- sible attack surface of an entire vehicle or a single Electronic Control Unit (ECU). A novel attack surface metric allows comparisons of different ECUs from different Original Equip- ment Manufacturers (OEMs), even between different diagnostic protocols. Additionally, we demonstrate the analysis capabilities of our graph-based model to evaluate an ECUs possible attack surface over a lifetime}, added-at = {2021-12-08T08:07:22.000+0100}, author = {Weiss, Nils and Renner, Sebastian and Mottok, Jürgen and Vaclav, Matousek}, biburl = {https://www.bibsonomy.org/bibtex/2225459f742f717695a97bb6158ba560a/baywiss1}, booktitle = {8th Embedded Security in Cars Conference (ESCAR USA)}, interhash = {8285f6fa84a1d93e07be2d631c0a75e6}, intrahash = {225459f742f717695a97bb6158ba560a}, keywords = {srenn}, timestamp = {2021-12-08T08:07:22.000+0100}, title = {Automated Threat Evaluation of Automotive Diagnostic Protocols}, year = 2021 }