Institute of Distributed Systems

Michael Wolf, M. Sc.

Michael Wolf, M. Sc.

Mercedes-Benz Tech Innovation

External Ph.D. Student
Mercedes-Benz Tech Innovation
Institut für Verteilte Systeme
Universität Ulm
Albert-Einstein-Allee 11
89081 Ulm
Baden-Württemberg
Deutschland
Office Hours

Usually I'm in the University from Monday to Friday at 10:00 - 16:00 . If I don't have an appointment, you can find me in the office O27-3210. Alternatively you can contact me via Email for an individual date.

Communication

You can encrypt the Emails to me with the following key.

PGP Key: download

PGP Fingerprint: 5BCE 3A1D 66E8 B037 8C38 5AC0 0DB0 3DF4 9A0E 6B46

Michael Wolf

Research

My interests vary in many fields of the informatics, like software development, IT security, privacy, artificial intelligence, ...

Currently i'm focusing on Security for Connected Autonomous Cars.

Projects

Teaching

Management of the seminars:

Supervision of the exercise:

Supervision of students:

Publications

2020

4.
M. Wolf, A. Willecke, J. Müller, K. Garlichs, T. Griebel, L. Wolf, M. Buchholz, K. Dietmayer, R. W. van der Heijden and F. Kargl, "Securing CACC: Strategies for Mitigating Data Injection Attacks" in 2020 IEEE Vehicular Networking Conference (VNC), New York, NY, USA, IEEE, 2020.
DOI:10.1109/vnc51378.2020.9318396


Abstract:
Cooperative Adaptive Cruise Control (CACC) is a typical example for cooperative maneuvers of connected, automated vehicles. Safe operation of any such vehicle highly depends on information emitted by the surrounding vehicles as it is processed by the vehicle's longitudinal controller. This opens an attack surface affecting vehicle safety. This paper studies how CACC controllers can be protected against such attacks to ensure the safety of the vehicle and its passengers. This raises the question of how to mitigate injection of false data into the controller by attacks and other forms of vehicle misbehavior. Based on a literature analysis, this paper defines a new categorization for mitigation strategies, discussing their individual strengths, weaknesses and their potential for attack mitigation. This categorization can be used to derive novel ideas for mitigations, for example, an approach with a parameter-dependent reaction of the controller based on a suspiciousness parameter signaled by the Misbehavior Detection System (MDS). Through a simulation study, we show that this approach improves safety and efficiency of the platoon under attack but also identify a fundamental trade-off between these two design goals.
3.
M. Wolf, A. Willecke, J. Müller, K. Garlichs, T. Griebel, L. Wolf, M. Buchholz, K. Dietmayer, R. W. Heijden and F. Kargl, "Securing CACC: Strategies for Mitigating Data Injection Attacks" in 2020 IEEE Vehicular Networking Conference (VNC), 2020, pp. 1-7.
DOI:10.1109/VNC51378.2020.9318396
2.
J. Kamel, M. Wolf, R. W. van der Heijden, A. Kaiser, P. Urien and F. Kargl, "VeReMi Extension: A Dataset for Comparable Evaluation of Misbehavior Detection in VANETs" in ICC 2020 - 2020 IEEE International Conference on Communications (ICC), ICC 2020, Dublin, Ireland, IEEE, 2020.
DOI:10.1109/icc40277.2020.9149132


Abstract:
Cooperative Intelligent Transport Systems (C-ITS) is a new upcoming technology that aims at increasing road safety and reducing traffic accidents. C-ITS is based on peer-to-peer messages sent on the Vehicular Ad hoc NETwork (VANET). VANET messages are currently authenticated using digital keys from valid certificates. However, the authenticity of a message is not a guarantee of its correctness. Consequently, a misbehavior detection system is needed to ensure the correct use of the system by the certified vehicles. Although a large number of studies are aimed at solving this problem, the results of these studies are still difficult to compare, reproduce and validate. This is due to the lack of a common reference dataset. For this reason, the original VeReMi dataset was created. It is the first public misbehavior detection dataset allowing anyone to reproduce and compare different results. VeReMi is used in a number of studies and is currently the only dataset in its field. In this Paper, we extend the dataset by adding realistic a sensor error model, a new set of attacks and larger number of data points. Finally, we also provide benchmark detection metrics using a set of local detectors and a simple misbehavior detection mechanism.

2019

1.
M. Wolf, "Combining safety and security threat modeling to improve automotive penetration testing", 04 2019.
DOI:10.18725/OPARU-13062


Abstract:
Newer technologies like connectivity and autonomy in the automotive sector increases the need for stronger security and for its evaluation penetration tests. In order to focus the tests first on the most critical possible vulnerabilities, threat modeling with a ranking of the risk level is mandatory. Because lives depend on the security of the vehicle, both safety and security aspects should be included into this threat model. Furthermore, the usage of a tool is required, which helps and automates some parts of the process, so the time effort is reduced and the acceptance of the methodology increased. Up to our knowledge no such holistic methodology exists, therefore we have created the CVSIL threat methodology. It combines the outcome of a Hazard Analysis and Risk Assessment (HARA) with results from using Microsofts’ Threat Modeling Tool 2016 and our own application, the TMTe4PT. With our proposed novel solution, after the faults have been mapped to the threats, the Collateral Damage Potential metric can be derived from the HARA, and so the CVSS overall score can be calculated and used as risk level. Additionally, we have introduced another score for the ranking, the Security-ASIL, which consists of elements from the security and safety analysis. For the evaluation, we have illustrated a hypothetical Adaptive Cruise Control (ACC) system and analyzed it with our model and tool. These findings were compared to those from expert interviews and the problems discussed. Based on our results, the CVSIL methodology in its current state does not provide a better distinction and therefore a better ranking between the threats violating the safety. The contribution of this thesis is the evaluation of existing threat methodologies, public threat modeling tools and our own CVSIL methodology. Furthermore we provide a hypothetical ACC system with system architecture and component definitions. For this system, the results of a shortened HARA and threat analysis are released. Additionally, our tool the TMTe4PT will be made open source.

Individual Topics

You can contact me for supervision, if you have an idea for a thesis or project out of my research area.

Information to Topics

For details to thesis and projects, or further open topics from colleagues , please visit the corresponding site of our institute.

Open Topics

Taken Topics

„Continuous Configuration Security Testing on Unix Based Embedded Systems in the Automotive Domain,“ Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2021 – Vergeben.
Modern vehicles have many ECUs running specific software, which require continuous updates. Always testing the whole application when only small corrections (in the configuration) are made, would require unnecessary resources. A solution to this problem can be to only test the changes made from a safe state, which implies checking mostly the differences in the configuration. Unfortunately currently only few tools and research exists, which tackles this problem in the embedded and automotive domain. Therefore in this theses, the student has to look at the configuration testing of embedded devices in the automotive domain in the security context. For this, a survey of existing research and frameworks about configuration testing has to be done - in the automotive domain but also in other areas. Then the student has to highlight problems and address them with an own solution by creating a model and test it either by using existing tools or writing a small PoC app. Afterwards, the test results have to be evaluated in regards to the security context e.g. by expert interviews.
„Designing exercise tasks for Security in IT-Systems lecture,“ Bachelorarbeit, Masterarbeit, Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2021 – Vergeben.
This topic addresses primarily students of the teaching profession, however others may also apply. In this work you should design and create one or more exercise sheets (depending on the ECTS) for the lecture Security in IT-Systems combined with an automated grading system. One such sheet can be about web security where students have to hack a web server launched on a docker image - similar to hackthissite.org. For a list of other topics, please refer to the module description: https://www.uni-ulm.de/in/vs/teach/sec
„Migrating the Maat framework to C++,“ Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2021 – Vergeben.
In this project, the student has to migrate the Maat Framework to C++. In the future, the controller logic of the Carrera demonstrator should run on automotive hardware which mainly supports C/C++. Therefore, a MBS is required which is not written in Java or Python. Maat, which was developed by van der Heijden to analyze the VeReMi dataset, is written in Java and only batch processing log files. So in order to implement Maat into the Carrera demonstrator, it has to be ported into C++, the 3rd party libraries need to be exchanged for C++ versions and the logic adapted to process stream data. This migration has the additional benefit, that (the stream version of) Maat can be implemented into the VEINS framework for an in-time simulation.
„The impact of privacy on smart traffic lights systems,“ Masterarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2021 – Vergeben.
With modern technologies in vehicles like the use of VANETS, other systems like traffic lights can be upgraded. A smart traffic light system (STLS) can adjust the green phases according to the number of vehicles driving towards it. An even more intelligent version, can even calculate the vehicles' trajectory and approximate arrival time, adjust the phase appropriately and then send a message to the vehicle with how long the green phase will last. With this information, the vehicle can then adjust the speed so it will does not need to break. The STLS would need certain information of the vehicles, like position, speed and size, which could lead to a privacy breach when the vehicle can be tracked. Therefore, privacy mechanisms need to be implemented, like the PET Differential Privacy. In this thesis, you should create a survey of possible PETs as well as look into possible scheduling algorithms for this scenario. Select a simple and a more complex algorithm for the traffic light control and compare them with the help of a simulation. Then choose at least one PET with which you will evaluate the impact of privacy on your STLS.
„ARXML Parser for a Wireshark Dissector,“ Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Vergeben.
In this project, the student has to write a tool which parses an .arxml file and outputs a configuration for a Wireshark dissector, which also needs to be implemented. The parser has to output a .json file containing the relevant data from the .arxml files, as well as storing this output in a database. The dissector will have an import function, where the .json file can be uploaded. Additionally, the dissector should be able to talk to a REST Api which exposes the database.
„CACC Demonstration with a Carrera Track,“ Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Vergeben.
In this project, the student has to build a Carrera Track demonstrator where cars are using CACC and driving in a platoon. First, the Carrera Track has to be build up where each car can be accessed and controlled from a Raspberry Pi. Then, a object tracking system needs to be implemented in cooperation with TU Braunschweig, which outputs the position of each vehicle on the track. After this, a controller needs to be programmed which uses the position data to form a platoon. Now, the program needs to be split up in such a way, that each instance is controlling only one vehicle and communicating with the others. At last, a use case of a crash has to be simulated, where the 2nd vehicle in the platoon is sending wrong data (e.g. the vehicle is accelerating but sending a deceleration).
„Generating synthetic data using MABS,“ Bachelorarbeit, Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Vergeben.
PaySim, a Mobile Money Payment Simulator simulates money transactions between users based on Multi Agent Based Simulation (MABS). It also generates data that can be used to test algorithms which should detect suspicious activities or fraud. This generated data is based on real financial data, which cannot be published for security reasons. In order to use or train the detection algorithms on real data, the synthetic information should be as similar as possible to the real one but not exactly the same. In this project or thesis, you should read the work of A. Elmir and E. Lopez-Rojas (PaySim), as well as the theory of MABS. Then you should implement a similar program to PaySim, which has certain data as input and should output generated synthetic data which fulfills the above requirement. As a test, you have to use the VeReMi Dataset where detection algorithms and results already exist. Then, the tool will be used on CAN messages.
„Using Machine Learning for Misbehavior Detection in CACC,“ M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2019 – Vergeben.
Modern vehicles will use communication to increase the safety of its passengers, reduce fuel consumption, travel time, and more. The communication between the vehicles will be mainly beacon messages containing the speed, position, acceleration and other properties. These messages need to be validated, if they contain correct (plausible) information. For example, when a vehicle is suddenly stopping, but sending an increase in speed, the following vehicles may crash into the misbehaving vehicle. In literature, there is already existing work on detecting misbehavior in the data with different techniques such as subjective logic or machine learning. In this project, we will analyze the VeReMi data-set with the help of different machine learning algorithms. The number of algorithms compared is depending on the scope (credits). The student can choose the framework, e.g. PyTorch.

Completed Topics

„The impact of privacy in Vehicular Edge Computing,“ Bachelorarbeit, Masterarbeit, Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2021 – Abgeschlossen.
Modern vehicles will communicate with their environment using Vehicular Ad Hoc Networks (VANET) sending out regular status beacons or warning messages. Those are collected by Road Side Units (RSU) and will be combined with other data, like weather or information from the backend. With this data certain calculations can be performed (e.g. predicting the vehicle density). Furthermore, vehicles may transfer additional data, which is too resource intensive to calculate for themselves, to the RSUs . This process of transmitting data for expensive calculations is called Edge Computing. Currently a lot of work focuses on the benefits and possible applications of VEC, as well as on how PETS can be implemented. But little research is done how privacy techniques impact VEC and safety. In this project/thesis, you have to implement one or more PETS (depending on ECTS) in a VANET simulation framework (Plexe/Veins) and analyze its impact.
„Defense strategies against attacks on platooning,“ Bachelorarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Abgeschlossen.
In this Bachelor thesis possible attacks on platooning should be gathered and defense strategies against these attacks proposed. With the help of a simulation framework (OMNET++, SUMO, VEINS) one attack and defense mechanisms should be implemented and evaluated.
„Improving the Carrera Vehicle Control,“ Projektarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Abgeschlossen.
Simulating Cooperative Adaptive Cruise Control (CACC), where vehicles exchange status messages and adapt their driving behavior accordingly, is already possible with VEINS or ARTERY. However, in order to present the concept of CACC, an attack on it and the prevention, a live system would better demonstrate the need of a misbehavior detection system (MDS). For this we have chosen a Carrera Digital track, which allows controlling multiple cars in one lane, each with a different speed. However, currently only 15 speed levels can be used which prevents a more fine grained control. In this project, you have to improve the control over the speed levels from the Carrera cars. For this, the student has to disassemble a Carrera vehicle, and determine if the motor and/or controller has to be changed. If so, the student has to choose a suitable hardware which can replace the current one. Then, a protocol has to be defined and implemented which is modulated over the power supply to control the speed of different vehicles on the same track.
„Security Analysis of an Android App,“ Masterarbeit, M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Abgeschlossen.
The majority of adults have cell phones that are used for many different tasks, and for each task there are different apps, resulting in 2.8 million apps in the Google Play Store. Using apps always requires a certain level of trust, as most of them require at least an Internet connection and access to storage. However, such permissions open the door to vulnerabilities that can be exploited. Especially apps for older Android versions that are no longer patched may have known vulnerabilities. Furthermore, these permissions can be abused to collect user information which are sent it to backend servers. In this thesis, you first have to consider which app of the Google Play Store is most likely to have a vulnerability and justify this decision. Then compare existing methods for finding vulnerabilities in APKs and either choose one or create a new methodology that is more appropriate for your use case.Then you must reverse engineer the app and analyze it for vulnerabilities. As an additional optional task, you can also look for security and privacy v breaches in the app itself.
„Building a DoIP Fuzzer,“ M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2019 – Abgeschlossen.
In this project, the student has to build a Diagnostics over Internet Protocol (DoIP) Fuzzer, which will send arbitrary messages to electronic control units (ECUs) and records their responses. Based on these, a list of possible commands with their accepted parameters should be generated. Additionally, with the help of the DoIP Fuzzer, possible security vulnerabilities should be discovered and listed.

Individual Seminar Topic

You can contact me for supervision if you have an own idea for a seminar topic out of my research area.

Information

For details to the Seminars please visit the corresponding site of our institute.

Bachelorseminar ATVS and Masterseminar RTDS

Current Topics

  • Password Managers (2021 SS)

Completed Topics

  • Time constraints of Security in CACC (2020 WS)
  • Multi Agent Based Simulations (2020 WS)
  • Internet of Things: A Security Perspective (2020 SS)
  • Attacks on Platoons (2019 WS)
  • Browser Privacy (2019 WS)
  • Risk Evaluation Methodologies (2019 SS)
  • IDS Algorithms (2019 SS)

Proseminar PRIV

Current Topics

  • Privacy bei Messenger X (2021 SS)
  • Privacy in Sozialen Netzwerken (2021 SS)
  • Tor: The Onion Router (2021 SS)

Completed Topics

  • Kryptographische Grundlagen (2020 SS)
  • Datenanonymisierung vs. Datennutzung (2020 SS)