Principal Investigator: Sandip Ray
Start Date: October 1, 2019
End Date: September 30, 2022
This project develops a comprehensive framework for security validation of modern automotive systems. With increasing autonomy, automotive systems are evolving into very complex distributed systems. They contain more than a hundred electronic control units (ECU), a heterogeneous collection of sensors and actuators, several in-vehicle communication networks, and several hundred megabytes of software. Currently security validation of these systems depends primarily on human expertise to identify vulnerabilities in design and implementation. Clearly this does not scale to large complex systems. The project addresses this problem by introducing automated penetration testing methods capable of handling the exploding automotive system complexities.
This project develops technology for systematic analysis of diverse safety, security, and reliability requirements in current and emergent vehicles. It enables early comprehension of conflict, trade-offs, and potential internal inconsistencies among the different requirements. The framework includes: (1) an adaptive virtual prototyping infrastructure that enables smooth integration of ECU, sensor, and actuator models; and (2) a concolic testing facility to generate penetration tests automatically for targeted adversary models. The analysis techniques developed in the research cross-cut hardware, software, and physical (sensory and actuarial) artifacts. The framework brings together currently disparate research in security, machine intelligence, and decision science. This project promises transformative technical and societal impacts through drastically improved safety, security, and reliability of diverse cyber-physical systems in general and automotive systems in particular. Research results will be integrated into graduate and undergraduate courses. A new workshop will be introduced to bring together experts in automotive safety, security, and reliability, and cross-cutting areas. Hands-on training modules for undergraduate and high school students will be developed using automotive simulator platforms. Participation of underrepresented students in the project will be actively encouraged. Industry connections will be used and actively pursued for technology transfer.