| 1. |
- Kleberger, Pierre, 1978
(författare)
-
On Securing the Connected Car - Methods and Protocols for Secure Vehicle Diagnostics
- 2015
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Software has been the enabler for the last decades of innovation in new vehicle functions. It is now an integrated part of today's cars and the maintenance and update of this software have become a costly process for the automotive industry. As wireless communication to vehicles is being introduced, vehicular maintenance can greatly be improved and many other new applications can be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle and that appropriate security mechanisms are implemented in the vehicle to prevent malicious vehicle manipulations. In this thesis, approaches to secure the connected car and in particular mechanisms and protocols to secure administrative services for vehicle diagnostics and software download are presented. First, the landscape of the connected car and its infrastructure is investigated. A survey of current mechanisms to secure the in-vehicle network is made and a description of possible communication methods with vehicles is given together with a taxonomy of current entities involved in such communication. The usefulness of the taxonomy is demonstrated by two examples. Then, security analyses of vehicle maintenance in repair shops are conducted. Generic mechanisms and protocols are proposed to secure vehicle diagnostics, which are independent of the diagnostics protocol being used. The proposed protocol prevents unauthorised access to vehicles and it has been formally verified to ensure its correctness. Finally, security mechanisms for in-vehicle communication is addressed, where analyses are performed to design better in-vehicle network architectures that support both safety and security. To conclude, this thesis contributes with new approaches to perform secure maintenance of future connected cars using wireless communication and to prevent unauthorised manipulations of the vehicle.
|
|
| 2. |
- Kleberger, Pierre, 1978, et al.
(författare)
-
Towards designing secure in-vehicle network architectures using community detection algorithms
- 2015
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. - 9781479976607 ; 2015-January:January, s. 69-76
-
Konferensbidrag (refereegranskat)abstract
- Efforts in securing the in-vehicle network have resulted in a number of proposed security mechanisms in recent years. However, so far little attention has been given to the actual architecture of the in-vehicle network. An approach within in-vehicle network design is to divide the network into domains, where each domain consists of a set of Electronic Control Units (ECUs) that handles some united functionality, e.g., body control, powertrain, and telematics. Still, this approach is based on 'best engineering practice' and there is room for improvements. In this paper, we study real traffic from a modern car and we try to divide the in-vehicle network into domains using automated partitioning algorithms. To find the optimum division, we select four community detection algorithms, known from social network analysis, and we evaluate their ability to find these domains. We conclude that community detection algorithms can be used to identify in-vehicle domains based on the message types (signals) used in the in-vehicle network and we demonstrate this by applying the algorithms to real data. The approach is not limited to only message types, but domains can also be identified based on other criteria, such as frequency of messages, payload sizes, or Automotive Safety Integrity Levels (ASILs). We also conclude that the identification of good domains can facilitate the implementation of security measures. Therefore, we believe that the approach has great potential to help engineers in deriving secure in-vehicle network architectures during the design of a vehicle.
|
|
