
























This paper questions how to approach threat modelling in the automotive domain at both an abstract level that features no domain-specific entities such as the CAN bus and, separately, at a detailed level. It addresses such questions by contributing a systematic method that is currently affected by the analyst's subjectivity because most of its inner operations are only defined informally. However, this potential limitation is overcome when candidate threats are identified and left to everyone's scrutiny. The systematic method is demonstrated on the established LINDDUN threat modelling methodology with respect to 4 pivotal works on privacy threat modelling in automotive. As a result, 8 threats that the authors deem not representable in LINDDUN are identified and suggested as possible candidate extensions to LINDDUN. Also, 56 threats are identified providing a detailed, automotive-specific model of threats.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。