ACTISM: Threat-informed Dynamic Security Modelling for Automotive Systems

Cybersecurity threats in complex cyber-physical systems pose significant risks to system functionality and safety. This experience report introduces ACTISM (Automotive Consequence-Driven and Threat-Informed Security Modelling), an integrated security modeling approach that enhances the resilience of automotive systems by dynamically updating their cybersecurity posture in response to prevailing threats, attacker tactics, and their impact on system functionality and safety. ACTISM addresses the existing knowledge gap in static security assessment methodologies by providing a dynamic and iterative framework. We demonstrate the effectiveness of ACTISM by applying it to a real-world example of the Tesla Electric Vehicle's In-Vehicle Infotainment system, illustrating how the security model can be adapted as new threats emerge. We also outline avenues for future research and development in this area, including automated vulnerability management workflows for automotive systems.