CS2125 Paper Review Form - Winter 2019 Reviewer: Yasaman Rohanifar Paper Title: Requirements and Architectures for Secure Vehicles Author(s): Michael W. Whalen, Darren Cofer, and Andrew Gacek 1) Is the paper technically correct? [*] Yes [ ] Mostly (minor flaws, but mostly solid) [ ] No 2) Originality [ ] Very good (very novel, trailblazing work) [*] Good [ ] Marginal (very incremental) [ ] Poor (little or nothing that is new) 3) Technical Depth [ ] Very good (comparable to best conference papers) [ ] Good (comparable to typical conference papers) [*] Marginal depth [ ] Little or no depth 4) Impact/Significance [ ] Very significant [*] Significant [ ] Marginal significance. [ ] Little or no significance. 5) Presentation [ ] Very well written [*] Generally well written [ ] Readable [ ] Needs considerable work [ ] Unacceptably bad 6) Overall Rating [ ] Strong accept (award quality) [ ] Accept (high quality - would argue for acceptance) [*] Weak Accept (borderline, but lean towards acceptance) [ ] Weak Reject (not sure why this paper was published) 7) Summary of the paper's main contribution and rationale for your recommendation. (1-2 paragraphs) Based on addressing the issue of trust in softwares used in vehicles, this paper elaborates on a project called High-Assurance Cyber Military Systams (HACMS) by DARPA. The authors open with introducing the three teams (air, ground, red) involved in this project and later on elaborate on the contributions of one of the Air Team which builds software stacks for Unmanned Aerial Vehicles (UAVs). The ground team, as they describe, investigates software for automobiles and ground-based robots, and the red team consists of professional penetration testers to test the performance of softwares built by the two aforementioned teams. By focusing on established security attacks, the air team first set the requirements and limits, and then, they tried to eliminate the weaknesses by modeling their system architecture in order to reason about the system volnerabilities, and discussing different programming languages that better fit with model checking tools. Finally, building on that, they reasoned about security and composition of their system. Their results showed that for the phase 1 of their implementation, attacks were only possible only through communications links between ground station and UAV, and for phase 2, they provided root access to a Linux partition that controlled a camera used for vehicle tracking. For their third and last phase of the 18-month project, they projected to add secure geofencing to ensure UAVs avoid certain no-fly zones with the final goal of producing software for vehicles that can withstand attacks from sophisticated attackers. 8) List 1-3 strengths of the paper. (1-2 sentences each, identified as S1, S2, S3.) S1: It is very concise and abstract in terms of technical details (good for a fish eye view of their actual work) which makes it a good candidate for a section in IEEE magazine. S2: It focuses on major known security attacks while ensuring the generic security principles which makes the contribution significant. S3: It presents a good workflow of the project along with their assumptions, challenges, and generic results which demonstrates their research journey. 9) List 1-3 weaknesses of the paper (1-2 sentences each, identified as W1, W2, W3.) W1: To me this paper seemed like a research diary rather than a research paper. It had little technical depth which can be insufficient for a person who is looking for a detailed documentaion of their work. W2: It lacked visual representations such as charts and tables to better demonstrate the result of their work rather than their rationales. However, it could be arguable that that they couldn't fit more information due to limited space in the magazine or they simply couldn't disclose classified information because of the military nature of their project. W3: The paper mainly discusses Unmanned Aerial Vehicles (UAVs) with the some basic assumptions about flying autonomous vehicles, which do not necessarily hold for ground-based autonomous vehicles which is the main concern of this course. Furthermore, some important elements like environmental transitions and further applicable security measures to enahcne their system, as well as their reason of choice for some languages and systems were not mentioned in this paper.