Computer Science

News and events

24 May 2019

Research Seminar: Towards Integrating Formal Methods for Automotive Systematic Security Evaluations

Presented By Madeline Cheah (HORIBA MIRA)
  • 14:00-15:00
  • SMB103 Stewart Mason Building

About this event

Abstract

Vehicles are insecure.  To protect such systems, we must begin by identifying any weaknesses.  One approach is to apply a systematic security evaluation to the system under test.  In this presentation, we present a method for systematically generating tests based on attack trees.  We formalise the attack trees as provably-equivalent process-algebraic processes, then automatically generate tests from the process-algebraic representation.  Attack trees may include manual input, (and thus so will some test cases) but scriptable test cases are automatically executed.  Our approach is inspired by model based testing, but allows for the fact that we do not have a specification of the system under test.  We demonstrate this methodology on a case study and find that this is a viable method for automation of systematic security evaluations.

 

Biography

Dr Madeline Cheah is currently Cyber Security Innovation Lead at HORIBA MIRA, with responsibility for automotive and autonomous vehicle cyber security research at the company.  She started her current role after having earned a PhD in automotive cyber security at Coventry University, with a focus on systematic security evaluations on automotive interfaces and all the processes (formal or informal) that might be inherent in such a framework.  Her contributions have been published in peer-reviewed papers and she is a regular speaker at cybersecurity events.  Her research interests currently lie within high assurance methods for black-box testing, penetration testing and digital forensics.  She also has an MSc in Forensic Computing (also from Coventry University) and a BSc (Hons) in Biochemistry from the University of Warwick.  Before starting at HORIBA MIRA, she lectured on the topics of ethical hacking, digital forensics and network security for three years.