Exploring Design Requirements of Fleet Telematics Systems Supporting Road Freight Transportation: A Digital Service Side Perspective

Road freight operators (RFOs) optimize their fleet management processes using fleet telematics systems (FTSs). Therefore, the selection of FTSs by RFOs is driven by transport specifications from the customer side leading to substantial search costs. However, FTSs vary significantly in their design requirements to assist road freight operations. Hence, we analyze 74 web pages from FTSs of existing telematics vendors to elicit 31 design requirements (DRs) which we aggregated into nine requirement sets (RSs). Subsequently, 42 practitioners from five digital road freight service enterprises experienced in using FTSs validate the DRs and evaluate their importance with RSs following the Analytical Hierarchy Process (AHP) method. The results reveal that DRs and RSs promoting driver monitoring and IT integration are perceived more important than items promoting fleet and logistics support. Our contribution sheds light on an emerging topic in logistics and establishes a knowledge base that guides the design of future FTSs

From Attack to Defense: Toward Secure In-vehicle Networks

New security breaches in vehicles are emerging due to software-driven Electronic Control Units (ECUs) and wireless connectivity of modern vehicles. These trends have introduced more remote surfaces/endpoints that an adversary can exploit and, in the worst case, use to control the vehicle remotely. Researchers have demonstrated how vulnerabilities in remote endpoints can be exploited to compromise ECUs, access in-vehicle networks, and control vehicle maneuvers. To detect and prevent such vehicle cyber attacks, researchers have also developed and proposed numerous countermeasures (e.g., Intrusion Detection Systems and message authentication schemes). However, there still remain potentially critical attacks that existing defense schemes can neither detect/prevent nor consider. Moreover, existing defense schemes lack certain functionalities (e.g., identifying the message transmitter), thus not providing strong protection for safety-critical ECUs against in-vehicle network attacks. With all such unexplored and unresolved security issues, vehicles and drivers/passengers will remain insecure. This dissertation aims to fill this gap by 1) unveiling a new important and critical vulnerability applicable to several in-vehicle networks (including the Controller Area Network (CAN), the de-facto standard protocol), 2) proposing a new Intrusion Detection System (IDS) which can detect not only those attacks that have already been demonstrated or discussed in literature, but also those that are more acute and cannot be detected by state-of-the-art IDSes, 3) designing an attacker identification scheme that provides a swift pathway for forensic, isolation, security patch, etc., and 4) investigating what an adversary can achieve while the vehicle’s ignition is off. First, we unveil a new type of Denial-of-Service (DoS) attack called the bus-off attack that, ironically, exploits the error-handling scheme of in-vehicle networks. That is, their fault-confinement mechanism — which has been considered as one of their major advantages in providing fault-tolerance and robustness — is used as an attack vector. Next, we propose a new anomaly-based IDS that detects intrusions based on the extracted fingerprints of ECUs. Such a capability overcomes the deficiency of existing IDSes and thus detects a wide range of in-vehicle network attacks, including those existing schemes cannot. Then, we propose an attacker identification scheme that provides a swift pathway for forensic, isolation, and security patch. This is achieved by fingerprinting ECUs based on CAN voltage measurements. It takes advantage of the fact that voltage outputs of each ECU are slightly different from each other due to their differences in supply voltage, ground voltage, resistance values, etc. Lastly, we propose two new attack methods called the Battery-Drain and the Denial-of-Body-control attacks through which an adversary can disable parked vehicles with the ignition off. These attacks invalidate the conventional belief that vehicle cyber attacks are feasible and thus their defenses are required only when the vehicles ignition is on.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/144125/1/ktcho_1.pd