1,953 research outputs found

    Towards a systematic security evaluation of the automotive Bluetooth interface

    In-cabin connectivity and its enabling technologies have increased dramatically in recent years. Security was not considered an essential property, a mind-set that has shifted significantly due to the appearance of demonstrated vulnerabilities in these connected vehicles. Connectivity allows the possibility that an external attacker may compromise the security - and therefore the safety - of the vehicle. Many exploits have already been demonstrated in literature. One of the most pervasive connective technologies is Bluetooth, a short-range wireless communication technology. Security issues with this technology are well-documented, albeit in other domains. A threat intelligence study was carried out to substantiate this motivation and finds that while the general trend is towards increasing (relative) security in automotive Bluetooth implementations, there is still significant technological lag when compared to more traditional computing systems. The main contribution of this thesis is a framework for the systematic security evaluation of the automotive Bluetooth interface from a black-box perspective (as technical specifications were loose or absent). Tests were performed through both the vehicle’s native connection and through Bluetooth-enabled aftermarket devices attached to the vehicle. This framework is supported through the use of attack trees and principles as outlined in the Penetration Testing Execution Standard. Furthermore, a proof-of-concept tool was developed to implement this framework in a semi-automated manner, to carry out testing on real-world vehicles. The tool also allows for severity classification of the results acquired, as outlined in the SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems. Results of the severity classification are validated through domain expert review.
Finally, how formal methods could be integrated into the framework and tool to improve confidence and rigour, and to demonstrate how future iterations of design could be improved is also explored. In conclusion, there is a need for systematic security testing, based on the findings of the threat intelligence study. The systematic evaluation and the developed tool successfully found weaknesses in both the automotive Bluetooth interface and in the vehicle itself through Bluetooth-enabled aftermarket devices. Furthermore, the results of applying this framework provide a focus for counter-measure development and could be used as evidence in a security assurance case. The systematic evaluation framework also allows for formal methods to be introduced for added rigour and confidence. Demonstrations of how this might be performed (with case studies) were presented. Future recommendations include using this framework with more test vehicles and expanding on the existing attack trees that form the heart of the evaluation. Further work on the tool chain would also be desirable. This would enable further accuracy of any testing or modelling required, and would also take automation of the entire process further.

    On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

    Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches. Comment: Survey, 22 pages, 21 figures

    Simultaneous Positioning and Communications: Hybrid Radio Architecture, Estimation Techniques, and Experimental Validation

    Limited spectral access motivates technologies that adapt to diminishing resources and increasingly cluttered environments. A joint positioning-communications system is designed and implemented on commercial off-the-shelf (COTS) hardware. This system enables simultaneous positioning of, and communications between, nodes in a distributed network of base-stations and unmanned aerial systems (UASs). This technology offers extreme ranging precision (<< 5 cm) with minimal bandwidth (10 MHz), a secure communications link to protect against cyberattacks, a small form factor that enables integration into numerous platforms, and minimal resource consumption which supports high-density networks. The positioning and communications tasks are performed simultaneously with a single, co-use waveform, which efficiently utilizes limited resources and supports higher user densities. The positioning task uses a cooperative, point-to-point synchronization protocol to estimate the relative position and orientation of all users within the network. The communications task distributes positioning information between users and secures the positioning task against cyberattacks. This high-performance system is enabled by advanced time-of-arrival estimation techniques and a modern phase-accurate distributed coherence synchronization algorithm. This technology may be installed in ground-stations, ground vehicles, unmanned aerial systems, and airborne vehicles, enabling a highly-mobile, re-configurable network with numerous applications. Dissertation/Thesis, Doctoral Dissertation, Electrical Engineering 201

    Will SDN be part of 5G?

    For many, this is no longer a valid question and the case is considered settled with SDN/NFV (Software Defined Networking/Network Function Virtualization) providing the inevitable innovation enablers solving many outstanding management issues regarding 5G. However, given the monumental task of softwarization of radio access network (RAN) while 5G is just around the corner and some companies have started unveiling their 5G equipment already, the concern is very realistic that we may only see some point solutions involving SDN technology instead of a fully SDN-enabled RAN. This survey paper identifies all important obstacles in the way and looks at the state of the art of the relevant solutions. This survey is different from the previous surveys on SDN-based RAN as it focuses on the salient problems and discusses solutions proposed within and outside SDN literature. Our main focus is on fronthaul, backward compatibility, supposedly disruptive nature of SDN deployment, business cases and monetization of SDN related upgrades, latency of general purpose processors (GPP), and additional security vulnerabilities softwarization brings along to the RAN. We have also provided a summary of the architectural developments in SDN-based RAN landscape as not all work can be covered under the focused issues. This paper provides a comprehensive survey on the state of the art of SDN-based RAN and clearly points out the gaps in the technology. Comment: 33 pages, 10 figures

    A Multi-Layered Secure Framework for Vehicular Systems (Ein mehrschichtiges sicheres Framework für Fahrzeugsysteme)

    In recent years, significant developments were introduced within the vehicular domain, evolving the vehicles to become a network of many embedded systems distributed throughout the car, known as Electronic Control Units (ECUs). Each one of these ECUs runs a number of software components that collaborate with each other to perform various vehicle functions. Modern vehicles are also equipped with wireless communication technologies, such as WiFi, Bluetooth, and so on, giving them the capability to interact with other vehicles and roadside infrastructure. While these improvements have increased the safety of the automotive system, they have vastly expanded the attack surface of the vehicle and opened the door for new potential security risks. The situation is made worse by a lack of security mechanisms in the vehicular system which allows the escalation of a compromise in one of the non-critical sub-systems to threaten the safety of the entire vehicle and its passengers. This dissertation focuses on providing a comprehensive framework that ensures the security of the vehicular system during its whole life-cycle. This framework aims to prevent the cyber-attacks against different components by ensuring secure communications among them. Furthermore, it aims to detect attacks which were not prevented successfully, and finally, to respond to these attacks properly to ensure a high degree of safety and stability of the system.

    Architecture for intelligent power systems management, optimization, and storage.

    The management of power and the optimization of systems generating and using power are critical technologies. A new architecture is developed to advance the current state of the art by providing an intelligent and autonomous solution for power systems management. The architecture is two-layered and implements a decentralized approach by defining software objects, similar to software agents, which provide for local optimization of power devices such as power generating, storage, and load devices. These software device objects also provide an interface to a higher level of optimization. This higher level of optimization implements the second layer in a centralized approach by coordinating the individual software device objects with an intelligent expert system thus resulting in architecture for total system power management. In this way, the architecture acquires the benefits of both the decentralized and centralized approaches. The architecture is designed to be portable, scalable, simple, and autonomous, with respect to devices and missions. Metrics for evaluating these characteristics are also defined. Decentralization achieves scalability and simplicity through modularization using software device objects that can be added and deleted as modules based on the devices of the power system being optimized. Centralization coordinates these software device objects to bring autonomy and intelligence of the whole power system and mission to the architecture. The centralization approach is generic since it always coordinates software device objects; therefore it becomes another modular component of the architecture. Three example implementations illustrate the evolution of this power management system architecture. The first implementation is a coal-fired power generating station that utilized a neural network optimization for the reduction of nitrogen oxide emissions.
This illustrates the limitations of this type of black-box optimization and serves as a motivation for developing a more functional architecture. The second implementation is of a hydro-generating power station where a white-box, software agent approach illustrates some of the benefits and provides initial justification of moving towards the proposed architecture. The third implementation applies the architecture to a vehicle to grid application where the previous hydro-generating application is ported and a new hybrid vehicle application is defined. This demonstrates portability and scalability in the architecture, and linking these two applications demonstrates autonomy. The simplicity of building this application is also evaluated.

    Cyber Security of Traffic Signal Control Systems with Connected Vehicles

    Our world is becoming increasingly connected through smart technologies. The same trend is emerging in transportation systems, wherein connected vehicles (CVs) and transportation infrastructure are being connected through advanced wireless communication technologies. CVs have great potential to improve a variety of mobility applications, including traffic signal control (TSC), a critical component in urban traffic operations. CV-based TSC (CV-TSC) systems use trajectory data to make more informed control decisions, therefore can accommodate real-time traffic fluctuations more efficiently. However, vehicle-infrastructure connectivity opens new doors to potential cyber attacks. Malicious attackers can potentially send falsified trajectory data to CV-TSC systems and influence signal control decisions. The benefit of CV-TSC systems can be realized only if the systems are secure in cyberspace. Although many CV-TSC systems have been developed within the past decade, few consider cyber security in their system design. It remains unclear exactly how vulnerable CV-TSC systems are, how cyber attacks may be perpetrated, and how engineers can mitigate cyber attacks and protect CV-TSC systems. Therefore, this dissertation aims to systematically understand the cyber security problems facing CV-TSC systems under falsified data attacks and provide a countermeasure to safeguard CV-TSC systems. These objectives are accomplished through four studies. The first study evaluates the effects of falsified data attacks on TSC systems. Two TSC systems are considered: a conventional actuated TSC system and an adaptive CV-TSC system. Falsified data attacks are assumed to change the input data to these systems and therefore influence control decisions. Numerical examples show that both systems are vulnerable to falsified data attacks. The second study investigates how falsified data attacks may be perpetrated in a realistic setting. 
Different from prior research, this study considers a more realistic but challenging black-box attack scenario, in which the signal control model is unavailable to the attacker. Under this constraint, the attacker has to learn the signal control model using a surrogate model. The surrogate model predicts signal timing plans based on critical traffic features extracted from CV data. The attacker can generate falsified CV data (i.e., falsified vehicle trajectories) to alter the values of critical traffic features and thus influence signal control decisions. In the third study, a data-driven method is proposed to protect CV-TSC systems from falsified data attacks. Falsified trajectories are behaviorally distinct from normal trajectories because they must accomplish a certain attack goal; thus, the problem of identifying falsified trajectories is considered an abnormal trajectory identification problem. A trajectory-embedding model is developed to generate vector representations of trajectory data. The similarity (distance) between each pair of trajectories can be computed based on these vector representations. Hierarchical clustering is then applied to identify abnormal (i.e., falsified) trajectories. In the final study, a testing platform is built upon a virtual traffic simulator and real-world transportation infrastructure in Mcity. The testing platform integrates the attack study and defense study in a unified framework and is used to evaluate the real-world impact of cyber attacks on CV-TSC systems and the effectiveness of defense strategies. PhD, Civil Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies. http://deepblue.lib.umich.edu/bitstream/2027.42/162931/1/edhuang_1.pd