Network topology description language and communication policy analysis in the automotive scenario

In recent times, the automotive sector has undergone radical changes as regards to cybersecurity problems, eventually becoming a sector of interest for companies and researchers. Problems concerning automotive industry in fact revolved mainly around the safety of vehicles themselves until few years ago, whereas nowadays cybersecurity has to be also taken into account, since vehicles contain from 30 up to 100 different Electronic Control Units (ECUs). Each one of these ECUs control a specific module (from the brakes to the steering wheel, to the managing of multimedia contents) reading data from the sensors (e.g., wheel speed, tire pressure, etc.) and producing actions through the actuators (e.g., pulling the brakes, turning on/off a lamp, etc.). We can therefore affirm that the safety of a vehicle goes through the proper implementation of cybersecurity of these computing units. A further crucial aspect to underline is that these ECUs are interconnected, thus creating a bigger attack surface that can be exploitable by attackers in order to conduct attacks against vehicles. For these reasons Original Equipment Manufacturer (OEMs) have to setup their objectives in order to deal with this issue and be more competitive, thus applying security by design and being compliant to the latest international regulations with regard to cybersecurity. This thesis takes the inputs provided by these normatives (e.g., ISO/SAE 21434 and UNECE WP.29/R155) and describes the development of a possible topological representation of structural elements of an automotive architecture, identifying assets of interest based on an ontology. Furthermore a study of an access control model using communication policies follows; this stage involves: High level policies formalization starting from design constraint, through refinement process extract from them Low level policies that should be used in order to configure filtering devices and in the end, with the aim of avoid misconfiguration of filtering element, anomaly analysis and reachability analysis are made. Conclude this work an analysis of results obtained and how they can be used in future development.