This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Secure Boot Revisited: Challenges for Secure Implementations in the Automotive Domain
Journal Article
11-02-02-0008
ISSN: 2572-1046, e-ISSN: 2572-1054
Sector:
Citation:
Sanwald, S., Kaneti, L., Stöttinger, M., and Böhner, M., "Secure Boot Revisited: Challenges for Secure Implementations in the Automotive Domain," SAE Int. J. Transp. Cyber. & Privacy 2(2):69-81, 2019, https://doi.org/10.4271/11-02-02-0008.
Language:
English
Abstract:
Secure boot, although known for more than 20 years, frequent attacks from hackers that show numerous ways to bypass the security mechanism, including electronic control units (ECUs) of the automotive industry. This paper investigates the major causes of security weaknesses of secure boot implementations. Based on penetration test experiences, we start from an attacker’s perspective to identify and outline common implementation weaknesses. Then, from a Tier-One perspective, we analyze challenges in the research and development process of ECUs between original equipment manufacturers (OEMs) and suppliers that amplify the probability of such weakness. The paper provides recommendations to increase the understanding of implementing secure boot securely on both sides and derives a set of reference requirements as a starting point for secure boot ECU requirements.
Recommended Content
Technical Paper | Test Method for the SAE J3138 Automotive Cyber Security Standard |
Technical Paper | Model-Based Software Development: Functional Safety Compliance via Built-In Tool Intelligence |
Technical Paper | Tool Integration from Design to Test |