Assessment Framework for evaluation of active defense of in-vehicle networks
by Nathaniel Toll, Rob Knake, Akash Vijaybhai Patel, Stephen Raio, Daniel E. Krych, Global Resilience Institute
Through a grant from the Office of Naval Research, GRI worked with a team of computer scientists at the Army Research Lab to develop a framework for evaluating active-defense tools for in-vehicle networks. With vehicles becoming more and more connected and reliant on in-vehicle networks and connected systems to operate safely, defense methods have evolved to include active defenses to potential adversaries. The next step after implementation of an active defense on an in-vehicle network is to develop a way to quantify the active defense system’s ability to protect the in-vehicle network from adversaries that threaten the confidentiality, integrity and availability of the network and the safe operation of the vehicle. There have been previous works that focus on penetration testing of vehicles   , as well as numerous guides to penetration testing of enterprise networks . The majority of these focus on how to discover and use exploits for privilege escalation, lateral movement and enumeration. This framework does not look at the specifics of how to conduct a penetration test on a vehicle, or an in-vehicle network, using active defense techniques, but rather proposes a system for measuring the success of any deployed systems in defending the in-vehicle network. Measuring the impact of active defense against an adversary will help decision makers understand the effectiveness of active defense and determine how it will fit into the overall schematics, security and risk management of vehicle design and operations.