Degree Type

Creative Component

Semester of Graduation

Fall 2019

Department

Electrical and Computer Engineering

First Major Professor

Dr. Lotfi Ben Othmane

Second Major Professor

Dr. Doug Jacobson

Degree(s)

Master of Science (MS)

Major(s)

Computer Engineering

Abstract

Architecture-based threat modeling of Autonomous Vehicle software helps to identify the potential threats to the given vehicle it is employed to. However, software are often developed iteratively, in frequent increments, which makes maintaining their architecture representations challenging. Thus, the threat model of a given software, developed from the architecture diagrams can become quickly obsolete. This creative component proposes the recovery of software architecture from source code of software and the use of an attack surface-specific threat library to identify the threats that apply to a given version of the software. The approach is applied to an autonomous vehicle software called Apollo Auto, which is developed by Baidu. We show how to automatically recover the architecture of the software and identify the threats that apply to it. The results of this project indicate the differences between the threat models of the same software, developed from the given architecture, ground-truth architecture and recovered architecture of the software. Furthermore it shows that threat model developed from given obsolete architecture may miss some impact threats that apply to the software.

Copyright Owner

Shifa Khan

File Format

PDF

Download

Share

COinS