This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Securing Connected Vehicles End to End
Technical Paper
2014-01-0300
ISSN: 0148-7191, e-ISSN: 2688-3627
Annotation ability available
Sector:
Language:
English
Abstract
As vehicles become increasingly connected with the external world, they face a growing range of security vulnerabilities. Researchers, hobbyists, and hackers have compromised security keys used by vehicles' electronic control units (ECUs), modified ECU software, and hacked wireless transmissions from vehicle key fobs and tire monitoring sensors. Malware can infect vehicles through Internet connectivity, onboard diagnostic interfaces, devices tethered wirelessly or physically to the vehicle, malware-infected aftermarket devices or spare parts, and onboard Wi-Fi hotspot. Once vehicles are interconnected, compromised vehicles can also be used to attack the connected transportation system and other vehicles. Securing connected vehicles impose a range of unique new challenges. This paper describes some of these unique challenges and presents an end-to-end cloud-assisted connected vehicle security framework that can address these challenges.
Recommended Content
| Journal Article | Achieving a Scalable E/E-Architecture Using AUTOSAR and Virtualization |
| Journal Article | Analysis of Software Update in Connected Vehicles |
Authors
Citation
Zhang, T., Antunes, H., and Aggarwal, S., "Securing Connected Vehicles End to End," SAE Technical Paper 2014-01-0300, 2014, https://doi.org/10.4271/2014-01-0300.Also In
References
- O'Carroll L. July 2013 Scientist Banned from Revealing Codes Used to Start Luxury Cars http://www.theguardian.com/technology/2013/jul/26/scientist-banned-revealing-codes-cars October 18 2013
- Francillon A. , Danev B. , and Capkun S. Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Network and Distributed System Security Symposium 2011
- Koscher K. , Czeskis A. , Roesner F. , Patel S. , Kohno T. , Checkoway S. , McCoy D. , Kantor B. , Anderson D. , Shacham H. , and Savage S. Experimental Security Analysis of A Modern Automobile IEEE Symposium on Security and Privacy 2010
- McAfee Labs McAfee Threats Report: First Quarter 2013 2013
- Rouf , I. , Miller , R. , Mustafa , H. , Taylor , T. , Oh , S. , Xu , W. , Gruteser , M. , Trappe , W. , Seskar , I. Security and privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study 19 th USENIX Security Symposium 2010
- Delgrossi , L. , Zhang , T. Vehicle Safety Communications: Protocols, Security, and Privacy 978-1-118-13272-2 John Wiley & Sons 2012
- Koscher , K. , Czeskis , A. , Roesner , F. , Patel , S. , Kohno , T. , Checkoway , S. , McCoy , D. , Kantor , B. , Anderson , D. , Shacham , H. , Savage , S. Experimental Security Analysis of A Modern Automobile 2010 IEEE Symposium on Security and Privacy 2010
- Checkoway , S. , McCoy , D. , Kantor , B. , Anderson , D. , Shacham , H. , Savage , S. , Koscher , K. , Czeskis , A. , Roesner , F. , Kohno , T. Comprehensive Experimental Analysis of Automotive Attack Surfaces USENIX Security Symposium 2011
- Studnia I. , Nicomette V. , Alata E. , Deswarte Y. , Kaaniche M. , Laarouchi Y. Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks DSN'03, 2 nd Workshop on Open Resilient Human-Aware Cyber-Physical Systems Budapest, Hungary 2013
- Dunn Michael Toyota's Killer Firmware: Bad Design and its Consequences 2013 October 28 http://www.edn.com/design/automotive/4423428/Toyota-s-killer-firmware--Bad-design-and-its-consequences October 30 2013
- Polk Polk Finds Average Age of Light Vehicles Continues to Rise 2013 August https://www.polk.com/company/news/polk_finds_average_age_of_light_vehicles_continues_to_rise October 29 2013
- Kumar V. , Srivastava J. , and Lazarevic A. Managing Cyber Threats: Issues, Approaches, and Challenges 2005 978-0-387-24226-2
- Idika N. and Mathur A. P. A Survey of Malware Detection Techniques Purdue University 2007
- Serazzi G. and Zanero S. Computer Virus Proppagation Models Performance Tools and Applications to Networked Systems, Lecture Notes in Computer Science 2965 2004
- Modi C. , Patel D. , Borisaniya B. , Patel H. , Patel A. , and Rajarajan M. A Survey of Intrusion Detection Techniques in Cloud Journal of Network and Computer Applications 2013
- Grace M. , Zhou Y. , Zhang Q. , Zu S. , Jiang X. RiskRanker: Scalable and Accurate Zero-Day Android Malware Detection MobiSys'12, the 10th International Conference on Mobile Systems, Applications, and Services 2012
- Hu X. , Chiueh T-C. , and Shin K. G. Large-Scale Malware Indexing Using Function-Call Graphs the 16th ACM Conference on Computer and Communications Security 2009
- AVTEST 2013 October http://www.av-test.org/en/statistics/malware/ October 18 2013
- Kaspersky Lab. 2012 December 2012 By the Numbers: Kaspersky Lab Now Detects 200,000 New Malicious Programs Every Day http://www.kaspersky.com/about/news/virus/2012/2012_by_the_numbers_Kaspersky_Lab_now_detects_200000_new_malicious_programs_every_day October 18 2013
- Microsoft 2013 Microsoft Security Intelligence Report http://www.microsoft.com/security/sir/story/default.aspx#!10year_malware October 18 2013
- Grace M. , Zhou Y. , Zhang Q. , Zu S. , Jiang X. RiskRanker: Scalable and Accurate Zero-Day Android Malware Detection MobiSys'12, the 10th International Conference on Mobile Systems, Applications, and Services 2012
- Bazrafshan Z. , Hashemi H. , Fard S. M. H. , and Hamzeh A. A Survey on Heuristic Malware Detection Techniques 5 th Conference on Information and Knowledge Technology (IKT) 2013
- Jacob G. , Debar H. , and Filiol E. Behavioral Detection of Malware: From a Survey Towards an Established Taxonomy Journal in Computer Virology August 2008