This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Zero-Day Attack Defenses and Test Framework for Connected Mobility ECUs
Journal Article
2021-01-0141
ISSN: 2641-9645, e-ISSN: 2641-9645
Sector:
Event:
SAE WCX Digital Summit
Citation:
Kashani, A., Iyer, G., Mora-Golding, C., Yamashita, H. et al., "Zero-Day Attack Defenses and Test Framework for Connected Mobility ECUs," SAE Int. J. Adv. & Curr. Prac. in Mobility 3(5):2501-2508, 2021, https://doi.org/10.4271/2021-01-0141.
Language:
English
Abstract:
Recent developments in the commercialization of mobility services have brought unprecedented connectivity to the automotive sector. While the adoption of connected features provides significant benefits to vehicle owners, adversaries may leverage zero-day attacks to target the expanded attack surface and make unauthorized access to sensitive data. Protecting new generations of automotive controllers against malicious intrusions requires solutions that do not depend on conventional countermeasures, which often fall short when pitted against sophisticated exploitation attempts. In this paper, we describe some of the latent risks in current automotive systems along with a well-engineered multi-layer defense strategy. Further, we introduce a novel and comprehensive attack and performance test framework which considers state-of-the-art memory corruption attacks, countermeasures and evaluation methods. Finally, we demonstrate the ability to deter and prevent in-field zero-day attacks on connected vehicle ECUs.
Recommended Content
Journal Article | Cybersecurity Metrics for Automotive Systems |
Technical Paper | Mechanism for Secure Storage without a Trusted Execution Environment for Low/Mid Automotive Segments |
Progress In Technology | Design and the Reliability Factor |