A Structured Approach to Securing the Connected Car

<p>Vehicles of today have become increasingly dependent on software to handle their functionalities. Updating and maintaining the software in vehicles has therefore become a costly process for the automotive industry. By introducing wireless communications to vehicles, vehicular maintenance can greatly be improved and many other new applications can also be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle. Thus, this thesis presents a general approach to securing the connected car and the usefulness of the approach is demonstrated in a vehicular diagnostics scenario.</p> <p>The thesis comes in two main parts. In the first part, we address security mechanisms for the connected car. First, a survey of current mechanisms to secure the in-vehicle networks is made. Then, a description of possible communication methods with vehicles is given and a taxonomy of current entities involved in such communication is presented. The taxonomy is organised in actors, vehicle-to-X communications, network paths, and dependability and security attributes. The usefulness of the taxonomy is demonstrated by two examples.</p> <p>In the second part, we address security with respect to vehicular diagnostics. First, an overall security analysis of the interaction between the connected car and the repair shop is conducted. We find that the most imminent risk in the repair shop is the loss of authentication keys. The loss of such keys allows masquerading attacks against vehicles. To address this problem, we propose a Kerberos-inspired protocol for authentication and authorisation of the diagnostics equipment and a trusted third party is introduced.</p> <p>To conclude, this thesis shows the value of adopting a structured approach to securing the connected car. The approach has been shown to be useful for identifying threats and countermeasures and thus help improving security.</p

BlockChain: A distributed solution to automotive security and privacy

Interconnected smart vehicles offer a range of sophisticated services that benefit the vehicle owners, transport authorities, car manufacturers and other service providers. This potentially exposes smart vehicles to a range of security and privacy threats such as location tracking or remote hijacking of the vehicle. In this article, we argue that BlockChain (BC), a disruptive technology that has found many applications from cryptocurrencies to smart contracts, is a potential solution to these challenges. We propose a BC-based architecture to protect the privacy of the users and to increase the security of the vehicular ecosystem. Wireless remote software updates and other emerging services such as dynamic vehicle insurance fees, are used to illustrate the efficacy of the proposed security architecture. We also qualitatively argue the resilience of the architecture against common security attacks

Project54 vehicle telematics for remote diagnostics, fleet management and traffic monitoring

The Project54 system was developed to introduce advanced technologies into the operations of the New Hampshire Department of Safety and other law enforcement agencies. The application of computing, sensing and telecommunication technologies within the Project54 system enables advanced telematics services that can provide benefits to vehicle operators, fleet managers and the public. This thesis describes the implementation of remote diagnostics and fleet management services for the Project54 system and investigates the use of radar equipped police vehicles as traffic probes. Aftermarket diagnostic hardware has been integrated in the Project54 system and software applications have been developed to control the hardware and record diagnostic information. An electronic data entry form has been created for tracking vehicle operating expenses and a vehicle status reporting system is described. Additionally, a traffic congestion scoring method using information from traffic radar units is presented

Cyber Threats Facing Autonomous and Connected Vehicles: Future Challenges

Vehicles are currently being developed and sold with increasing levels of connectivity and automation. As with all networked computing devices, increased connectivity often results in a heightened risk of a cyber security attack. Furthermore, increased automation exacerbates any risk by increasing the opportunities for the adversary to implement a successful attack. In this paper, a large volume of publicly accessible literature is reviewed and compartmentalised based on the vulnerabilities identified and mitigation techniques developed. This review highlighted that the majority of research is reactive and vulnerabilities are often discovered by friendly adversaries (white-hat hackers). Many gaps in the knowledge base were identified. Priority should be given to address these knowledge gaps to minimise future cyber security risks in the connected and autonomous vehicle sector

INTELLIGENTE TRANSPORT SYSTEMEN ITS EN VERKEERSVEILIGHEID

This report discusses Intelligent Transport Systems (ITS). This generic term is used for a broad range of information-, control- and electronic technology that can be integrated in the road infrastructure and the vehicles themselves, saving lives, time and money bymonitoring and managing traffic flows, reducing conges-tion, avoiding accidents, etc. Because this report was written in the scope of the Policy Research Centre Mobility & Public Works, track Traffic Safety, it focuses on ITS systems from the traffic safety point of view. Within the whole range of ITS systems, two categories can be distinguished: autonomous and cooperative systems. Autonomous systems are all forms of ITS which operate by itself, and do not depend on the cooperation with other vehicles or supporting infrastructure. Example applications are blind spot detection using radar, electronic stability control, dynamic traffic management using variable road signs, emergency call, etc. Cooperative systems are ITS systems based on communication and cooperation, both between vehicles as between vehicles and infrastructure. Example applications are alerting vehicles approaching a traffic jam, exchanging data regarding hazardous road conditions, extended electronic brake light, etc. In some cases, autonomous systems can evolve to autonomous cooperative systems. ISA (Intelligent Speed Adaptation) is an example of this: the dynamic aspect as well as communication with infrastructure (eg Traffic lights, Variable Message Sign (VMS)...) can provide additional road safety. This is the clear link between the two parts of this report. The many ITS applications are an indicator of the high expectations from the government, the academic world and the industry regarding the possibilities made possible by both categories of ITS systems. Therefore, the comprehensive discussion of both of them is the core of this report. The first part of the report covering the autonomous systems treats two aspects: 1. Overview of European projects related to mobility and in particular to road safety 2. Overview for guidelines for the evaluation of ITS projects. Out of the wide range of diverse (autonomous) ITS applications a selection is made; this selection is focused on E Safety Forum and PreVENT. Especially the PreVent research project is interesting because ITS-applications have led to a number of concrete demonstration vehicles that showed - in protected and unprotected surroundings- that these ITS-applications are already technically useful or could be developed into useful products. The component “guidelines for the evaluation of ITS projects” outlines that the government has to have specific evaluation tools if the government has the ambition of using ITS-applications for road safety. Two projects -guidelines for the evaluation of ITS projects- are examined; a third evaluation method is only mentioned because this description shows that a specific targeting of the government can be desirable : 1. TRACE describes the guidelines for the evaluation of ITS projects which are useful for the evaluation of specific ITS-applications. 2. FITS contains Finnish guidelines for the evaluation of ITS project; FIS is an adaptation of methods used for evaluation of transport projects. 3. The third evaluation method for the evaluation of ITS projects is developed in an ongoing European research project, eImpact. eImpact is important because, a specific consultation of stake holders shows that the social importance of some techniques is underestimated. These preliminary results show that an appropriate guiding role for the government could be important. In the second part of this document the cooperative systems are discussed in depth. These systems enable a large number of applications with an important social relevance, both on the level of the environment, mobility and traffic safety. Cooperative systems make it possible to warn drivers in time to avoid collisions (e.g. when approaching the tail of a traffic jam, or when a ghost driver is detected). Hazardous road conditions can be automatically communicated to other drivers (e.g. after the detection of black ice or an oil trail by the ESP). Navigation systems can receive detailed real-time up-dates about the current traffic situation and can take this into account when calculating their routes. When a traffic distortion occurs, traffic centers can immediately take action and can actively influence the way that the traffic will be diverted. Drivers can be notified well in advance about approaching emergency vehicles, and can be directed to yield way in a uniform manner. This is just a small selection from the large number of applications that are made possible because of cooperative ITS systems, but it is very obvious that these systems can make a significant positive contribution to traffic safety. In literature it is estimated that the decrease of accidents with injuries of fatalities will be between 20% and 50% . It is not suprising that ITS systems receive a lot of attention for the moment. On an international level, a number of standards are being established regarding this topic. The International Telecommunications Uniont (ITU), Institute for Electrical and Electronics Engineers (IEEE), International Organization for Standardization (ISO), Association of Radio Industries and Business (ARIB) and European committee for standardization (CEN) are currently defining standards that describe different aspects of ITS systems. One of the names that is mostly mentioned in literature is the ISO TC204/WG16 Communications Architecture for Land Mobile environment (CALM) standard. It describes a framework that enables transparent (both for the application and the user) continuous communication through different communication media. Besides the innumerable standardization activities, there is a great number of active research projects. On European level, the most important are the i2010 Intelligent Car Initiative, the eSafety Forum, and the COMeSafety, the CVIS, the SAFESPOT, the COOPERS and the SEVECOM project. The i2010 Intelligent Car Initiative is an European initiative with the goal to halve the number of traffic casualties by 2010. The eSafety Forum is an initiative of the European Commission, industry and other stakeholders and targets the acceleration of development and deployment of safety-related ITS systems. The COMeSafety project supports the eSafety Forum on the field of vehicle-to-vehicle and vehicle-to-infrastructure communication. In the CVIS project, attention is given to both technical and non-technical issues, with the main goal to develop the first free and open reference implementation of the CALM architecture. The SAFEST project investigates which data is important for safety applications, and with which algorithmsthis data can be extracted from vehicles and infrastructure. The COOPERS project mainly targets communication between vehicles and dedicated roadside infrastructure. Finally, the SEVECOM project researches security and privacy issues. Besides the European projects, research is also conducted in the United States of America (CICAS and VII projects) and in Japan (AHSRA, VICS, Smartway, internetITS). Besides standardization bodies and governmental organizations, also the industry has a considerable interest in ITS systems. In the scope of their ITS activities, a number of companies are united in national and international organizations. On an international level, the best known names are the Car 2 Car Communication Consortium, and Ertico. The C2C CC unites the large European car manufacturers, and focuses on the development of an open standard for vehicle-to-vehicle and vehicle-to-infrastructure communications based on the already well established IEEE 802.11 WLAN standard. Ertico is an European multi-sector, public/private partnership with the intended purpose of the development and introduction of ITS systems. On a national level, FlandersDrive and The Telematics Cluster / ITS Belgium are the best known organizations. Despite the worldwide activities regarding (cooperative) ITS systems, there still is no consensus about the wireless technology to be used in such systems. This can be put down to the fact that a large number of suitable technologies exist or are under development. Each technology has its specific advantages and disadvantages, but no single technology is the ideal solution for every ITS application. However, the different candidates can be classified in three distinct categories. The first group contains solutions for Dedicated Short Range Communication (DSRC), such as the WAVE technology. The second group is made up of several cellular communication networks providing coverage over wide areas. Examples are GPRS (data communication using the GSM network), UMTS (faster then GPRS), WiMAX (even faster then UMTS) and MBWA (similar to WiMAX). The third group consists of digital data broadcast technologies such as RDS (via the current FM radio transmissions, slow), DAB and DMB (via current digital radio transmissions, quicker) and DVB-H (via future digital television transmissions for mobiledevices, quickest). The previous makes it clear that ITS systems are a hot topic right now, and they receive a lot of attention from the academic world, the standardization bodies and the industry. Therefore, it seems like that it is just a matter of time before ITS systems will find their way into the daily live. Due to the large number of suitable technologies for the implementation of cooperative ITS systems, it is very hard to define which role the government has to play in these developments, and which are the next steps to take. These issues were addressed in reports produced by the i2010 Intelligent Car Initiative and the CVIS project. Their state of the art overview revealed that until now, no country has successfully deployed a fully operational ITS system yet. Seven EU countries are the furthest and are already in the deployment phase: Sweden, Germany, the Netherlands, the United Kingdom, Finland, Spain and France. These countries are trailed by eight countries which are in the promotion phase: Denmark, Greece, Italy, Austria, Belgium,Norway, the Czech Republic and Poland. Finally, the last ten countries find themselves in the start-up phase: Estonia, Lithuania, Latvia, Slovenia, Slovakia, Hungary, Portugal, Switzerland, Ireland and Luxembourg. These European reports produced by the i2010 Intelligent Car Initiative and the CVIS project have defined a few policy recommendations which are very relevant for the Belgian and Flemish government. The most important recommendations for the Flemish government are: • Support awareness: research revealed that civilians consider ITS applications useful, but they are not really willing to pay for this technology. Therefore, it is important to convince the general public of the usefulness and the importance of ITS systems. • Fill the gaps: Belgium is situated in the promotion phase. This means that it should focus at identifying the missing stakeholders, and coordinating national and regional ITS activities. Here it is important that the research activities are coordinated in a national and international context to allow transfer of knowledge from one study to the next, as well as the results to be comparable. • Develop a vision: in the scope of ITS systems policies have to be defined regarding a large number of issues. For instance there is the question if ITS users should be educated, meaning that the use of ITS systems should be the subject of the drivers license exam. How will the regulations be for the technical inspection of vehicles equipped with ITS technology? Will ITS systems be deployed on a voluntary base, or will they e.g. be obliged in every new car? Will the services be offered by private companies, by the public authorities, or by a combination of them? Which technology will be used to implement ITS systems? These are just a few of the many questions where the government will have to develop a point of view for. • Policy coordination: ITS systems are a policy subject on an international, national and regional level. It is very important that these policy organizations can collaborate in a coordinated manner. • Iterative approach to policy development: developing policies for this complex matter is not a simple task. This asks for an iterative approach, where policy decisions are continuously refined and adjusted

Towards a Secure and Resilient Vehicle Design: Methodologies, Principles and Guidelines

The advent of autonomous and connected vehicles has brought new cyber security challenges to the automotive industry. It requires vehicles to be designed to remain dependable in the occurrence of cyber-attacks. A modern vehicle can contain over 150 computers, over 100 million lines of code, and various connection interfaces such as USB ports, WiFi, Bluetooth, and 4G/5G. The continuous technological advancements within the automotive industry allow safety enhancements due to increased control of, e.g., brakes, steering, and the engine. Although the technology is beneficial, its complexity has the side-effect to give rise to a multitude of vulnerabilities that might leverage the potential for cyber-attacks. Consequently, there is an increase in regulations that demand compliance with vehicle cyber security and resilience requirements that state vehicles should be designed to be resilient to cyber-attacks with the capability to detect and appropriately respond to these attacks. Moreover, increasing requirements for automotive digital forensic capabilities are beginning to emerge. Failures in automated driving functions can be caused by hardware and software failures as well as cyber security issues. It is imperative to investigate the cause of these failures. However, there is currently no clear guidance on how to comply with these regulations from a technical perspective.In this thesis, we propose a methodology to predict and mitigate vulnerabilities in vehicles using a systematic approach for security analysis; a methodology further used to develop a framework ensuring a resilient and secure vehicle design concerning a multitude of analyzed vehicle cyber-attacks. Moreover, we review and analyze scientific literature on resilience techniques, fault tolerance, and dependability for attack detection, mitigation, recovery, and resilience endurance. These techniques are then further incorporated into the above-mentioned framework. Finally, to meet requirements to hastily and securely patch the increasing number of bugs in vehicle software, we propose a versatile framework for vehicle software updates