ECE MASTER OF SCIENCE THESIS DEFENSE BY: Matthew Furtado
When: Thursday,
June 21, 2018
3:00 PM
-
5:00 PM
Where: Science & Engineering Building, Lester W. Cory Conference Room: Room 213A
Cost: free
Description: TOPIC: IDENTIFYING THREATS TO THE SECURITY CREDENTIAL MANAGEMENT SYSTEM FOR VEHICULAR COMMUNICATIONS
LOCATION: Lester W. Cory Conference Room, Science & Engineering Building (SENG), Room 213A
ABSTRACT:
Vehicle-to-Vehicle (V2V) communication allows vehicles to exchange information to work cooperatively which promotes safety, mobility, and entertainment applications. The U.S. Department of Transportation (US-DOT) is mandating this technology to be equipped in all new vehicles in the U.S. by 2021. However, such a cooperative system opens new cybersecurity threats and vulnerabilities. Broadcasted basic safety messages influence operations that require integrity assurance to prohibit unauthorized modification, guarantee the authenticity of the source, and safeguard sensitive data to uphold privacy. Vehicular Public Key Infrastructure (V-PKI) is a critical component to secure this prominent transportation technology. The Security Credential Management System (SCMS) is the leading candidate design for V-PKI that facilitates trusted communications by managing security certificates for authorized devices while protecting the privacy of vehicular users.
This research focuses on threat analysis to the proposed SCMS for its main use cases. Using the Microsoft Threat Modeling tool, the work identifies threats into six categories of the STRIDE threat classification model: Spoofing Identity, Tampering with Data, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. The tool also recommends mitigation strategies to each threat, matching with current SCMS defense mechanics. The research explores different attack schemes detrimental to the safety of individuals that vehicular communications technology is meant to protect. These attacks use compromised private keys of V-PKI to cause accidents, track specific vehicles, and cause hysteria within the system. The work confirms SCMS readiness as a vital V-PKI for vehicular networks and recommends several defense enhancements.
NOTE: All ECE Graduate Students are ENCOURAGED to attend.
All interested parties are invited to attend. Open to the public.
Advisor: Dr. Hong Liu
Committee Members: Dr. Paul J. Fortier, Department of Electrical & Computer Engineering; and
Dr. Jonathan Petit, Senior Director of Research, OnBoard Security, Inc.
*For further information, please contact Dr. Hong Liu at 508.999.8514, or via email at hliu@umassd.edu.
LOCATION: Lester W. Cory Conference Room, Science & Engineering Building (SENG), Room 213A
ABSTRACT:
Vehicle-to-Vehicle (V2V) communication allows vehicles to exchange information to work cooperatively which promotes safety, mobility, and entertainment applications. The U.S. Department of Transportation (US-DOT) is mandating this technology to be equipped in all new vehicles in the U.S. by 2021. However, such a cooperative system opens new cybersecurity threats and vulnerabilities. Broadcasted basic safety messages influence operations that require integrity assurance to prohibit unauthorized modification, guarantee the authenticity of the source, and safeguard sensitive data to uphold privacy. Vehicular Public Key Infrastructure (V-PKI) is a critical component to secure this prominent transportation technology. The Security Credential Management System (SCMS) is the leading candidate design for V-PKI that facilitates trusted communications by managing security certificates for authorized devices while protecting the privacy of vehicular users.
This research focuses on threat analysis to the proposed SCMS for its main use cases. Using the Microsoft Threat Modeling tool, the work identifies threats into six categories of the STRIDE threat classification model: Spoofing Identity, Tampering with Data, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. The tool also recommends mitigation strategies to each threat, matching with current SCMS defense mechanics. The research explores different attack schemes detrimental to the safety of individuals that vehicular communications technology is meant to protect. These attacks use compromised private keys of V-PKI to cause accidents, track specific vehicles, and cause hysteria within the system. The work confirms SCMS readiness as a vital V-PKI for vehicular networks and recommends several defense enhancements.
NOTE: All ECE Graduate Students are ENCOURAGED to attend.
All interested parties are invited to attend. Open to the public.
Advisor: Dr. Hong Liu
Committee Members: Dr. Paul J. Fortier, Department of Electrical & Computer Engineering; and
Dr. Jonathan Petit, Senior Director of Research, OnBoard Security, Inc.
*For further information, please contact Dr. Hong Liu at 508.999.8514, or via email at hliu@umassd.edu.
Contact:
ECE: Electrical & Computer Engineering Department 508.999.9164 http://www.umassd.edu/engineering/ece/
Topical Areas: General Public, University Community, College of Engineering, Electrical and Computer Engineering