The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors Sr. Threat Researcher Manager, Threat Research
The United Nations Regulation No. 155 sets provisions for cybersecurity and cyber security management systems in vehicles. A notable section of the document is Annex 5, which lists 69 attack vectors affecting vehicle cybersecurity. In order to help organizations comply with this regulation, we conducted a threat modelling exercise on the defined attack vectors as a form of risk assessment.
One of the challenges presented by the regulation is for manufacturers to conduct their own risk assessments in order to best implement cybersecurity measures, with Annex 5 serving as a guide.
In our research paper, “Identifying Cybersecurity Focus Areas in Connected Cars Based on WP.29 UN R155 Attack Vectors and Beyond,” we used the DREAD threat model to assess the risk level of the attack vectors listed in Annex 5. First, we considered the current technological and threat landscape to make our assessment. Then we conducted the exercise again, based on our predictions of how these technologies and threats would evolve. This blog entry provides an overview of this process.
UN R155’s attack vectors and current risk ratings
The Annex 5 attack vectors were grouped into factors that affect the connected car ecosystem, such as the backend, communication channels, update procedures, external connectivity, and data/code. We used the DREAD threat model to identify areas that would, at present, likely demand the most focus for its high-risk vectors.
We put the attack vectors through the DREAD threat model by applying current technologies; hacker tools, techniques, and procedures (TTPs); and learnings from published research in the car hacking domain. From the attack vectors in Annex 5, we rated many of those regarding vehicle data/code as high-risk. One the reasons for this rating is how the manipulation of vehicle parameters could have serious consequences that could even endanger lives.
The future of connected cars
Our risk assessments were based on current technologies, hacker TTPs, and published research. In the next decade, many of these factors would have already changed (especially with 5G networks on the horizon), therefore transforming threat profiles. Based on past studies, we predicted the changes the current connected cars ecosystem would undergo.
A few examples of these predictions include how vehicle-to-everything (V2X) communication will become mainstream; the data supply chain (which equates to the data lifecycle) will become a critical component in the safety of connected cars; and head units will support a large third-party app ecosystem. The full list can be found in our research, but from these three we can infer how such changes can influence the risk ratings of different attack vectors, such as those related to the communication channel and data/code.
Future risk assessment
Given these likely evolutions in the connected car technologies, we attempted to predict how the risk assessments will change by reevaluating the attack vectors via the DREAD threat model. We found that in the future, risks at the communication channel will increase dramatically. We rated communication channel risks as higher because vehicles are bound to be better connected through improved APIs both internally and externally. While this will happen in the near future, car cybersecurity should be designed with great consideration for back ends, APIs, and data security from the beginning to have a better coverage over both current and future risks.
Read More HERE