Project Details

Resilient Safety-Critical Systems through Run-time Risk Assessment, Isolation, and Recovery (RESURREC)

Subject Area: Security and Dependability, Operating, Communication and Distributed Systems
Term: since 2022
Project identifier: Deutsche Forschungsgemeinschaft (DFG) - Project number 503329135
 
Attacks on safety-critical systems such as autonomous vehicles can have serious consequences, from financial damage to danger to life and limb. Through successful attacks on assets (e.g., software applications, control units, cryptographic keys, or messages), an attacker can cause damage directly or indirectly (by extending the attack from one asset to another). Classical safety measures such as Fault Detection, Isolation, and Recovery (FDIR) only protect against errors, not against targeted attacks. For example, an attacker could manipulate the component that is responsible for isolating a faulty component and switching to a redundant instance. FDIR must therefore be extended with suitable security measures: in addition to errors, attacks must be detected and responded to, and to achieve resilience, the isolation and recovery mechanisms themselves must be protected against manipulation. Furthermore, once an attack has been detected, a suitable response has to be selected at run-time; this decision needs to be based on a risk computation and needs to take the specifics of the safety-critical system into consideration.

In this project, we aim to advance attack detection, run-time risk assessment, isolation, and recovery in order to increase the resilience of safety-critical systems. The main focus lies on the last three aspects: several approaches for Intrusion Detection Systems (IDS) in safety-critical systems already exist, while risk assessment, isolation and recovery have received much less attention. As application domain, we consider an autonomous vehicle, since it is a distributed and complex safety-critical system consisting of several networked components, such as control units, sensors and actuators, with software applications running on them. For risk assessment, we investigate new methods to assess risk based on the dependencies between assets.

Approaches for isolation and recovery known from the safety context are supplemented by security measures. We investigate how the zero trust paradigm can be applied to safety-critical systems. For this, we investigate, among other things, novel authentication mechanisms, access and usage control systems, and secure service-oriented architectures. Our developed solutions will be prototypically implemented and evaluated.
DFG Programme: Priority Programmes
 
 
