| 1. |
- Kleberger, Pierre, 1978
(författare)
-
A Structured Approach to Securing the Connected Car
- 2012
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Vehicles of today have become increasingly dependent on software to handle their functionalities. Updating and maintaining the software in vehicles has therefore become a costly process for the automotive industry. By introducing wireless communications to vehicles, vehicular maintenance can greatly be improved and many other new applications can also be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle. Thus, this thesis presents a general approach to securing the connected car and the usefulness of the approach is demonstrated in a vehicular diagnostics scenario.The thesis comes in two main parts. In the first part, we address security mechanisms for the connected car. First, a survey of current mechanisms to secure the in-vehicle networks is made. Then, a description of possible communication methods with vehicles is given and a taxonomy of current entities involved in such communication is presented. The taxonomy is organised in actors, vehicle-to-X communications, network paths, and dependability and security attributes. The usefulness of the taxonomy is demonstrated by two examples.In the second part, we address security with respect to vehicular diagnostics. First, an overall security analysis of the interaction between the connected car and the repair shop is conducted. We find that the most imminent risk in the repair shop is the loss of authentication keys. The loss of such keys allows masquerading attacks against vehicles. To address this problem, we propose a Kerberos-inspired protocol for authentication and authorisation of the diagnostics equipment and a trusted third party is introduced.To conclude, this thesis shows the value of adopting a structured approach to securing the connected car. The approach has been shown to be useful for identifying threats and countermeasures and thus help improving security.
|
|
| 2. |
- Kleberger, Pierre, 1978, et al.
(författare)
-
An In-Depth Analysis of the Security of the Connected Repair Shop
- 2012
-
Ingår i: The Seventh International Conference on Systems and Networks Communications (ICSNC), Proceedings. Lisbon, 18-23 November, 2012. IARIA.. - 9781612082318 ; , s. 99-107
-
Konferensbidrag (refereegranskat)abstract
- In this paper, we present a security analysis ofdelivering diagnostics services to the connected car in futureconnected repair shops. The repair shop will mainly providetwo services; vehicle diagnostics and software download. Weanalyse the security within the repair shop by applying a reducedversion of the threat, vulnerability, and risk analysis (TVRA)method defined by ETSI. First, a system description of therepair shop is given. Security objectives and assets are thenidentified, followed by the threat and vulnerability analysis.Possible countermeasures are derived and we outline and discussone possible approach for addressing the security in the repairshop. We find that many of the identified vulnerabilities candirectly be mitigated by countermeasures and, to our surprise,we find that the handling of authentication keys is critical andmay affect vehicles outside the repair shop as well. Furthermore,we conclude that the TVRA method was not easy to follow,but still useful in this analysis. Finally, we suggest that repairshop security should mainly be addressed at the link layer. Suchan approach may integrate network authentication mechanismsduring address allocation and also support encryption of datafor all upper layer protocols with minimal modifications.
|
|
