Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates

Idrees, Muhammad; Schweppe, Hendrik; Roudier, Yves; Scheuermann, Dirk; Henniger, Olaf

doi:10.1007/978-3-642-19786-4_20

Cited by 38 publications

(13 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers has proposed different techniques such as: (i) use of hardware security modules (HSMs) for secure boot, processing and storage [152]; (ii) various isolation mechanisms (e.g., by using virtualization, container, microkernel, etc.) [153], [154]; (iii) hardware/software architecture for over-the-air (OTA) updates [155]; (iv) statistical analysis of ECU firmware images by reverse engineering to detect misbehaving ECUs [156], etc. to name but a few.…”

Section: Threats To Intra-vehicle Components and Countermeasuresmentioning

confidence: 99%

Securing Vehicle-to-Everything (V2X) Communication Platforms

Hasan

Mohan

Shimizu

et al. 2020

IEEE Trans. Intell. Veh.

161

View full text Add to dashboard Cite

Modern vehicular wireless technology enables vehicles to exchange information at any time, from any place, to any network -forms the vehicle-to-everything (V2X) communication platforms. Despite benefits, V2X applications also face great challenges to security and privacy -a very valid concern since breaches are not uncommon in automotive communication networks and applications. In this survey, we provide an extensive overview of V2X ecosystem. We also review main security/privacy issues, current standardization activities and existing defense mechanisms proposed within the V2X domain. We then identified semantic gaps of existing security solutions and outline possible open issues.We also discuss possible open issues (Section VIII), summarize multiple industry/academic/government initiatives for securing V2X communications (Section IX-A) and compare our work with related surveys (Section IX-B). II. V2X PLATFORM : AN OVERVIEWThis section provides an overview of V2X communication interfaces (Section II-A) and discuss various network/communication models (Section II-B). A. Communication InterfacesThe internal architecture of a vehicle is interconnected with ECUs (electronic control units -embedded computing platform that monitor/control automotive systems) coupled with sensors and actuators. The communication between the vehicle and the outside world such as other vehicles or roadside units (RSUs) is performed via external interfaces (see Fig. 1). These vehicular external interfaces are attached to the telematics control unit (TCU) -also referred to as on-board unit (OBU) 1 -an ECU that provides wireless connectivity [7], [8]. A vehicle control unit coordinates with the OBU to collect and disseminate vehicular data [9]. The current standards for V2X communication are DSRC (dedicated short range communication) [10] in the United States, C-ITS (cooperative intelligent transport systems) [11] in Europe and ITS Connect [12] in Japan. Both DSRC and C-ITS operating in the 5.9 GHz ITS band while ITS Connect operating in 760 MHz band (refer to Section II-B1 for details). An alternative to DSRC/C-ITS is the next generation of cellular wireless mobile telecommunications technology (see Section II-B2). OBUs can also be equipped with interfaces for long-range communication. These long-range wireless channels can be classified as broadcast channels (signals can be broadcast to multiple vehicles without knowledge of the receiver's address) and addressable channels (where messages are sent to vehicles with specific addresses.) [13]. Examples of broadcast channels include the global navigation satellite system (GNSS), traffic message/satellite radio receivers, etc. Addressable channels are typically used for long-range voice/data transmissions and are intended to be used for cellular communications for mobile broadband [8].

show abstract

Section: Threats To Intra-vehicle Components and Countermeasuresmentioning

confidence: 99%

Securing Vehicle-to-Everything (V2X) Communication Platforms

Hasan

Mohan

Shimizu

et al. 2020

IEEE Trans. Intell. Veh.

161

View full text Add to dashboard Cite

show abstract

“…The binary goes through a series of communication channels (including Internet, wireless communication, and in-car buses) and entities, which possess a large attack surface from a security point of view. Following the guideline in [38] and based on existing work [39,37,36], several misuse cases are identified in the CHASSIS security assessment. The threats and threat scenarios are identified using the information security Confidentiality, Integrity, and Availability (CIA) model in a brainstorming session.…”

Section: Chassismentioning

confidence: 99%

A Case Study of FMVEA and CHASSIS as Safety and Security Co-Analysis Method for Automotive Cyber-physical Systems

Schmittner

Schoitsch

et al. 2015

Proceedings of the 1st ACM Workshop on Cyber-Physical System Security

View full text Add to dashboard Cite

The increasing integration of computational components and physical systems creates cyber-physical system, which provide new capabilities and possibilities for humans to control and interact with physical machines. However, the correlation of events in cyberspace and physical world also poses new safety and security challenges. This calls for holistic approaches to safety and security analysis for the identification of safety failures and security threats and a better understanding of their interplay. This paper presents the application of two promising methods, i.e. Failure Mode, Vulnerabilities and Effects Analysis (FMVEA) and Combined Harm Assessment of Safety and Security for Information Systems (CHASSIS), to a case study of safety and security co-analysis of cyber-physical systems in the automotive domain. We present the comparison, discuss their applicabilities, and identify future research needs.

show abstract

“…In 2011, Idrees et al proposed a protocol which guaranteed a secured FOTA in wireless vehicles [7]. They mainly focussed on hardware security mechanism.…”

Section: Firmware Updates Over the Air (Fota) And Wireless Diagnosticsmentioning

confidence: 99%

Alarming! Security Aspects of the Wireless Vehicle: Review

Chockalingam¹,

Lallie²

2014

IJCSDF

View full text Add to dashboard Cite

The auto-mobile industry has grown to become an integral part of our day -to -day life. The introduction of wireless vehicles definitely have to pass through the analysis of potential security threats and vulnerabilities, and robust security architecture should be designed that are able to cope with these threats and vulnerabilities. In this work, we have identified various categories of research in 'Cyber Security of a wireless vehicle' and mainly focused on 'In -Vehicle Network' to identify various potential security threats and vulnerabilities as well as the suitable security solutions. In addition to providing a survey of related academic efforts, we have also outlined several key issues and open research questions.

show abstract

Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates

Cited by 38 publications

References 7 publications

Securing Vehicle-to-Everything (V2X) Communication Platforms

Securing Vehicle-to-Everything (V2X) Communication Platforms

A Case Study of FMVEA and CHASSIS as Safety and Security Co-Analysis Method for Automotive Cyber-physical Systems

Alarming! Security Aspects of the Wireless Vehicle: Review

Contact Info

Product

Resources

About