Main Page

From FASTR ACCORD Wiki
Jump to: navigation, search

FASTR Automotive Cybersecurity Co-Operative Research Database (ACCORD) Wiki

About FASTR

FASTR—Future of Automotive Security Technology Research—is a neutral nonprofit automotive security research consortium working to deliver the actionable applied and theoretical R&D needed now to drive systematic coordination of cybersecurity across the entire supply chain and ensure trust in the connected and autonomous vehicle of the future.

FASTR has created an ontology to categorize existing automotive cybersecurity research and aide in illustrating where more research is needed. Click the "List all sources" link in the left nav bar to see a list of research currently included. Additional contributions are encouraged to assist the industry in sharing available information and understanding where gaps currently exist.

For more information about FASTR, please visit fastr.org [1].

FASTR-2017-10-19.png

About the ontology

Sample of the Activity dimension.
Activity dimension.
To assist with organizing the research, FASTR built a taxonomy of concepts relevant to automotive cybersecurity research. The taxonomy was built bottom-up, starting from concepts found in the sources we had identified in our original search for relevant research. Whenever appropriate, more general concepts were introduced in order to form a broad concept hierarchy.

The ultimate goal of the taxonomy is to allow for a systematic classification of the sources found. Our analysis resulted in the identification of three dimensions: Activity, Component and Access. We identified key terms and established relationships among them, focusing mostly on class-subclass relationships, and associated them with each of the three dimensions. The image describes the hierarchy of the Activity category, which generalizes the major types of research activities found in the sources: Attack, Defense, Analysis. In turn, each of them is divided into concepts at a more granular level (such as “Data Exfiltration” under Attack).


Browsing the ontology

Use shortcut "List all sources" on the sidebar to access the content of the database.

When the page of an item is being displayed, clicking "Item graph" in the sidebar shows the ontology subtree for that item.

Clicking "Full ontology graph" displays the complete ontology graph with the current item highlighted.

In both types of graphs, a link is provided to display the graph as a stand-alone image, which can be zoomed in and out. Nodes whose labels are underlined can be clicked to visit the pages of the corresponding items.


Creating items and properties

To create a new item or a new property, use shortcuts "Create new item" and "Create new property" on the sidebar.

  • Items
    • Use property childOf to specify the type of item. For example, specify "childOf Paper" if the item is a paper
      • Whenever possible, add qualifier "linkType" to specify the type of link. Three types of links exist. "Instance Link" says that the item being created is an instance of the parent class. This is appropriate when entering a new paper. "Subclass Link" says that the item being created is a class, and specifically a subclass of the parent class. For instance, item "LiDAR Component" describes the class of all LiDAR components. "PartOf Link" says that the item is a part of a larger system. For instance, "TPMS Component" is a part of "Suspension System Component"
    • Use properties Title and Author to specify the corresponding information. Property Author may be specified multiple times, in the case of multi-author papers. The value of both properties is a string. For Author, the suggested format is <Last name>, <First name>
    • Use properties topic001, topic002, etc. to list the topics covered by a source. Each topic should described by a triple: Activity, Component, Access. When one element of the triple is not discussed by a source, it is acceptable to specify the topic as a pair or even by just one of the three dimensions. Only a single activity, component or access should be specified for each pair. If a source covers multiple topics, they must be specified by separate topicXXX properties. For instance, "Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study" discusses two topics, the vulnerability assessment (an activity) of short-range access to the TPMS (a component) and the prevention (an activity) of short-range access to the TPMS. These must be entered by means of two separate properties: topic001 with values Vulnerability Assessment Activity, TPMS Component, Short-range Access, and topic002 with values Prevention Activity, TPMS Component, Short-range Access
  • Properties
    • New properties should not be needed. However, if creation of properties becomes necessary, it can be accomplished by following the traditional process in mediawiki.

Moderation

  • See [2] for instructions on using Watchlists.
  • The use of extension Moderation [3] is recommended.

Consult the User's Guide for information on using the wiki software.

Getting started