Re: Security & Privacy TF Charter

Hi Gents,

In addition to defining Use Cases so that other W3C IoT groups understand
automotive scenarios, completely agree that it is a good idea to develop
Threat Models along the lines that Junichi has outlined:

1. define model (actors and relationship between actors),
2. listing up threats on the model,
3. listing up requirements against these threats.

In case it is useful, we have found the following resources useful:

   - https://www.owasp.org/index.php/Application_Threat_Modeling
   - https://msdn.microsoft.com/en-us/library/ff648006.aspx
   - Threat Modelling, Frank Swiderski, Window Snyder, Microsoft Press, 2004
   - Threat Modelling – Designing for Security, Adam Shostack, Wiley, 2014
   - Security Development Lifecycle (Best Practices) Paperback, M. Howard,
   S. Lipner, MS Press, 2006

When we researched threat modelling for an internal mini-conference, we
found that a lot of articles, books etc on Secure Software Development and
Software Threat Modelling originate from sources linked to Microsoft -
which in a sense isn't surprising since they have been working for many
years to identify and address threats and in so doing, to harden their
products against attack. They also provide a free threat modelling tool:

   - https://www.microsoft.com/en-gb/download/details.aspx?id=42518
   - https://www.microsoft.com/en-us/sdl/adopt/threatmodeling.aspx
   - https://blogs.microsoft.com/cybertrust/2014/04/15/introducing-microsoft-threat-modeling-tool-2014/


Kind regards,

Kev

*Kevin Gavigan BSc (Hons), MSc, PhD, MCP MCTS*
*Software Architect*

*Connected Infotainment*


*Mobile: 07990 084866*
*Email:* kgavigan@jaguarlandrover.com

*Office address:*
*GO03/057 • Building 523, Gaydon • Maildrop: (G03)*
*Jaguar Land Rover • Banbury Road • Gaydon • Warwick • CV35 0RR*

On 3 July 2015 at 12:12, Junichi Hashimoto <xju-hashimoto@kddi.com> wrote:

> Hirabayashi-san, all:
>
> Thank you for the slide and sorry for my late response.
>
> Systematic consideration is important and also I think the process
> should be recorded in our final report (BG note or TF note).
>
> I've surveyed other standards to see how they describe the process and
> found that ITU-T X.1121[1] gives a good example. The structure is
>
> 1. define model (actors and relationship between actors),
> 2. listing up threats on the model,
> 3. listing up requirements against these threats.
>
> I think this is the best way to proceed with our discussion.
>
> About the model, I have the same idea as the figure in Hirabayashi-san's
> slide, but it is minimal. Before we decide our focus, we should once put
> all stakeholders into the model.
>
> I guess BG members might have considered stakeholders in the past. If you
> have such results, please kindly share them with us.
>
> [1] https://www.itu.int/rec/T-REC-X.1121-200404-I/en
>
> Regards,
> Junichi
>
>
>
> On 15/07/1 20:10 , 平林 立彦 wrote:
>
>> Hi all,
>>
>> Over several weeks, I have been looking for better ways to systematically
>> proceed with security & privacy consideration, and made a draft proposal
>> uploaded to the last line of References in [1],
>>
>> [1] https://www.w3.org/auto/security/wiki/ASP_TF
>>
>> whereas privacy pages are now in the making and will be up within a week,
>> reviewing legislative and regulatory trends.
>>
>> Any comments are appreciated.
>> If necessary, original slides will be distributed for your editing.
>>
>> Tatsuhiko Hirabayashi/KDDI
>>
>> -----Original Message-----
>> From: Junichi Hashimoto [mailto:xju-hashimoto@kddi.com]
>> Sent: Wednesday, July 01, 2015 9:33 AM
>> To: Gavigan, Kevin; T Guild; Junichi Hashimoto
>> Cc: Kazuyuki Ashimura; public-auto-privacy-security@w3.org; Adam Crofts;
>> Abramski, Adam M; Paul Boyes; Paul Sanderson; Lovene Bhatia; Peter Virk
>> Subject: Re: Security & Privacy TF Charter
>>
>> Hi Kevin,
>>
>> Thank you for your work!
>>
>> I have a question on ADAS. Do you expect ADAS to be developed as a WebApp?
>> Otherwise, how does it communicate with webruntime?
>>
>> Regards,
>> Junichi
>>
>> On 15/06/30 20:31 , Gavigan, Kevin wrote:
>>
>>> Hi Ted and Junichi,
>>>
>>> /Re: Security and Privacy Task Force - Use Cases/
>>>
>>> Just a quick email to say that I've linked in the new page and added a
>>> number of automotive security use cases to it.
>>>
>>> Please see: https://www.w3.org/auto/security/wiki/ASP_TF, click on 'Use Cases',
>>> 'List of Use Cases' which shows:
>>>
>>> https://www.w3.org/auto/security/wiki/Use_Cases
>>>
>>> Along with other members of the group, will plan to add to this over
>>> time...
>>>
>>> Regards and best wishes,
>>>
>>> Kevin
>>>
>>>
>>> On 26 June 2015 at 19:02, Ted Guild <ted@w3.org> wrote:
>>>
>>>      On Fri, 2015-06-26 at 16:46 +0100, Gavigan, Kevin wrote:
>>>      > Hi Ted and Junichi,
>>>      >
>>>      >
>>>      > >> we already agree that you provide use cases.  Could you
>>>      > create a page and start writing them?
>>>      >
>>>      >
>>>      > Sorry for the slow response, it's been hectic at work (a couple of
>>>      > ~80hr weeks if you are allowed to count travelling :-).
>>>      >
>>>      >
>>>      > I've written up a number of use cases (in simple text format at
>>>      > present), that I can upload, but have a newbie question:
>>>      >
>>>      >
>>>      > I can see how to edit the charter page, and from the Help how to add
>>>      > links from that page to a new page, but can't see how/where I can add
>>>      > a new 'Use Cases' page. Could you please advise?
>>>
>>>      Hi Kevin,
>>>
>>>      Sure.
>>>
>>>      It isn't immediately intuitive but simply create a new URI underneath
>>>      wiki/
>>>
>>>      https://www.w3.org/auto/security/wiki/Use_Cases
>>>
>>>      If the page does not already exist you are given a link to start it.
>>>
>>>      [[There is currently no text in this page. You can search for this page
>>>      title in other pages, search the related logs, or edit this page.]]
>>>
>>>      You can start off with simply copy and pasting your text file.  The Help
>>>      pages can help you with formatting but here are a few basics:
>>>
>>>      =Heading=
>>>
>>>      Plain text goes here
>>>
>>>      * list item 1
>>>      * list item 2
>>>      * list item 3
>>>
>>>      Sample link with text
>>>
>>>      [http://www.w3.org/auto Auto activity homepage]
>>>
>>>      ==Subheading==
>>>
>>>      You can click on edit of an existing page to see how the formatting is
>>>      done on it.
>>>
>>>      Cheers,
>>>      --
>>>      Ted Guild <ted@w3.org>
>>>      W3C Systems Team
>>>      http://www.w3.org

Received on Friday, 3 July 2015 16:35:34 UTC