This paper presents a Domain Specific Language (DSL) for generically
describing cyber attacks, agnostic to specific system-under-test(SUT). The
creation of the presented DSL is motivated by an automotive use case. The
concepts of the DSL are generic such thatattacks on arbitrary systems can be
addressed.The ongoing trend to improve the user experience of vehicles with
connected services implies an enhanced connectivity as well asremote accessible
interface opens potential attack vectors. This might also impact safety and the
proprietary nature of potential SUTs.Reusing tests of attack vectors to
industrialize testing them on multiple SUTs mandates an abstraction mechanism
to port an attackfrom one system to another. The DSL therefore generically
describes attacks for the usage with a test case generator (and
executionenvironment) also described in this paper. The latter use this
description and a database with SUT-specific information to generateattack
implementations for a multitude of different (automotive) SUTs.

Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Wolschke_C/0/1/0/all/0/1">Christian Wolschke</a>, <a href="http://arxiv.org/find/cs/1/au:+Marksteiner_S/0/1/0/all/0/1">Stefan Marksteiner</a>, <a href="http://arxiv.org/find/cs/1/au:+Braun_T/0/1/0/all/0/1">Tobias Braun</a>, <a href="http://arxiv.org/find/cs/1/au:+Wolf_M/0/1/0/all/0/1">Markus Wolf</a>

By admin