To demonstrate its relevance in real-world use cases, REWIRE applies its risk assessment framework to the automotive sector, one of the most demanding areas for cybersecurity. Modern vehicles are essentially computers on wheels, with dozens of interconnected Electronic Control Units (ECUs), complex firmware, and constant communication with external networks. This makes them highly vulnerable to cyber threats, where an exploited weakness can have direct safety consequences.
The Problem
Vehicles present particularly complex attack surfaces, as multiple ECUs, sensors, and communication protocols coexist. Because many of these systems interact with critical functions such as braking, steering, and engine control, cybersecurity failures can directly translate into physical harm. The automotive sector is also subject to increasing regulatory pressure. Standards like ISO/SAE 21434 impose strict requirements for cybersecurity risk management, pushing manufacturers to adopt robust assessment and mitigation methods.
Applying REWIRE’s Risk Assessment as a Solution
In the automotive instantiation described in REWIRE, the process begins with system modelling. Each ECU and communication link is represented as an asset, and the dependencies between them are mapped. Vulnerability analysis is then applied to identify risks in ECU firmware, communication stacks, and over-the-air update mechanisms. Threat scenarios are derived from this analysis. They include the remote exploitation of telematics systems, local attacks through compromised diagnostic tools, and malicious firmware updates.
The risk assessment engine quantifies the risks by combining likelihood and impact metrics with domain-specific safety considerations. This ensures that vulnerabilities in safety-critical components, such as brakes and steering, are prioritised much higher than those in less critical systems such as infotainment. The findings are then fed into MSPL-based security policies, which can automatically trigger enforcement actions like network segmentation or ECU-level monitoring.
System Modelling | · ECUs and communication links are modelled as assets. · Dependencies between subsystems are mapped. |
Vulnerability Input | · Vulnerability analysis identifies risks in ECU firmware, communication stacks, and over-the-air update mechanisms. |
Threat Scenarios | · Remote exploitation of telematics systems. · Local attacks via compromised diagnostic tools. · Malicious firmware updates. |
Risk Quantification | · REWIRE’s engine assigns risk scores based on likelihood, impact, and domain-specific safety factors. · Safety-critical vulnerabilities (e.g., brakes, steering) are prioritised higher than non-critical ones (e.g., infotainment). |
Policy Feedback | · Findings are integrated into MSPL-based policies, driving enforcement actions such as network segmentation or ECU-level monitoring. |
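The steps summarised above can be sketched in a few lines. This is an added illustration, not REWIRE's engine: the asset topology, safety factors, per-hop decay, scoring formula and action thresholds are all assumptions, and the findings are constructed sample data.

```python
from collections import deque

# Constructed model: asset -> (own safety factor, assets it can reach).
ASSETS = {
    "telematics":      (1.0, ["gateway"]),
    "diagnostic_port": (1.0, ["gateway"]),
    "infotainment":    (1.0, []),           # assumed isolated from the gateway
    "gateway":         (1.5, ["brake_ecu", "steering_ecu"]),
    "brake_ecu":       (3.0, []),
    "steering_ecu":    (3.0, []),
}
HOP_DECAY = 0.5  # assumed attenuation of safety relevance per link crossed

# Constructed findings: (asset, threat scenario, likelihood 1-5, impact 1-5).
FINDINGS = [
    ("telematics", "remote exploitation", 3, 4),
    ("diagnostic_port", "compromised diagnostic tool", 2, 4),
    ("brake_ecu", "malicious firmware update", 2, 5),
    ("infotainment", "communication stack flaw", 4, 3),
]

def effective_safety(asset):
    """Highest safety factor reachable from `asset`, attenuated per hop."""
    best, seen, queue = ASSETS[asset][0], {asset}, deque([(asset, 0)])
    while queue:
        node, hops = queue.popleft()
        best = max(best, 1 + (ASSETS[node][0] - 1) * HOP_DECAY ** hops)
        for nxt in ASSETS[node][1]:
            if nxt not in seen:              # tolerate cyclic topologies
                seen.add(nxt)
                queue.append((nxt, hops + 1))
    return best

def score(finding):
    """Likelihood x impact, weighted by the domain-specific safety factor."""
    asset, _threat, likelihood, impact = finding
    return likelihood * impact * effective_safety(asset)

def action(risk):
    """Map a score to an enforcement action (thresholds are assumptions)."""
    if risk >= 25:
        return "network segmentation"
    if risk >= 15:
        return "ECU-level monitoring"
    return "track only"

def prioritise(findings):
    ranked = sorted(findings, key=score, reverse=True)
    return [(f[0], f[1], score(f), action(score(f))) for f in ranked]

if __name__ == "__main__":
    for row in prioritise(FINDINGS):
        print(row)
```

On plain likelihood times impact the infotainment finding (12) would outrank the brake ECU finding (10); the safety weighting reverses that order, and the telematics finding is raised because a dependency path leads from it to the brake and steering ECUs.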
Conclusion and Outcome
The automotive use case demonstrates how REWIRE’s framework can prioritise risks in a way that is directly relevant to the safety and operational context of vehicles. It ensures compliance with regulatory standards while providing a dynamic and adaptive assessment of cybersecurity threats.
By applying its modular risk assessment framework to the automotive sector, REWIRE demonstrates its real-world value in one of the most safety-critical domains. The instantiation underscores the project’s ability to enhance trust and resilience in connected vehicles.