Version 1
: Received: 2 January 2024 / Approved: 3 January 2024 / Online: 3 January 2024 (08:06:01 CET)
How to cite:
Das, P.; Asif, M. R. A.; Jahan, S.; Khondoker, R.; Ahmed, K.; Bui, F. M. STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System. Preprints2024, 2024010185. https://doi.org/10.20944/preprints202401.0185.v1
Das, P.; Asif, M. R. A.; Jahan, S.; Khondoker, R.; Ahmed, K.; Bui, F. M. STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System. Preprints 2024, 2024010185. https://doi.org/10.20944/preprints202401.0185.v1
Das, P.; Asif, M. R. A.; Jahan, S.; Khondoker, R.; Ahmed, K.; Bui, F. M. STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System. Preprints2024, 2024010185. https://doi.org/10.20944/preprints202401.0185.v1
APA Style
Das, P., Asif, M. R. A., Jahan, S., Khondoker, R., Ahmed, K., & Bui, F. M. (2024). STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System. Preprints. https://doi.org/10.20944/preprints202401.0185.v1
Chicago/Turabian Style
Das, P., Kawsar Ahmed and Francis M. Bui. 2024 "STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and Treatment of an Infotainment High Performance Computing (HPC) System" Preprints. https://doi.org/10.20944/preprints202401.0185.v1
Abstract
In modern automobiles, Infotainment High-Performance Computing (HPC) systems play a vital role in enhancing the capabilities of drivers and passengers by providing advanced features consisting of music, navigation, communication, entertainment, etc. However, as the use of information technology in vehicles increases, it results in cybersecurity threats such as data breaches and the loss of sensitive information. To improve the security of the infotainment system in automotive vehicles, the research conducted threat modeling at the component level using Microsoft’s STRIDE tool and performed risk assessment by using SAHARA (Safety-Aware Hazard Analysis and Risk Assessment) and DREAD methodologies to evaluate associated risks. It provides a systematic representation of threats, associated risks, and generic mitigation strategies to counter cybersecurity attacks. Through the threat modeling process, 34 potential security threats were identified. The study also provided a comparative analysis to calculate the risk values of the threats to prioritize for treatment. These identified threats and associated risks need to be considered to avoid potential cyberattacks, before deploying the infotainment HPC system in real-world automotive vehicles.
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.