An Overview of Automotive Service-Oriented Architectures and Implications for Security Countermeasures

New requirements from the customers\u27 and manufacturers\u27 point of view such as adding new software functions during the product life cycle require a transformed architecture design for future vehicles. The paradigm of signal-oriented communication established for many years will increasingly be replaced by service-oriented approaches in order to increase the update and upgrade capability. In this article, we provide an overview of current protocols and communication patterns for automotive architectures based on the service-oriented architecture (SOA) paradigm and compare them with signal-oriented approaches. Resulting challenges and opportunities of SOAs with respect to information security are outlined and discussed. For this purpose, we explain different security countermeasures and present a state of the section of automotive approaches in the fields of firewalls, Intrusion Detection Systems (IDSs) and Identity and Access Management (IAM). Our final discussion is based on an exemplary hybrid architecture (signal- and service-oriented) and examines the adaptation of existing security measures as well as their specific security features

CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.Comment: Submitted to conferenc

Automotive Vulnerability Disclosure: Stakeholders, Opportunities, Challenges

Since several years, the overall awareness for the necessity to consider a vehicle as a potentially vulnerable system is facing accelerated growth. In 2015, the safety relevant exploitability of vulnerabilities through cyber attacks was exposed to a broader public for the first time. Only a few months after this attack has reached public awareness, affected manufacturer implemented one of the first bug bounty programs within the automotive field. Since then, many others followed by adapting some of ITs good practices for handling and responsibly disclose found and reported vulnerabilities for the automotive field. Nevertheless, this work points out that much remains to be done concerning quantity and quality of these measures. In order to cope with this, this present paper deals with what can be learned from IT and which conclusions can be drawn from these findings in the light of special conditions in the automotive environment. Furthermore, current handling and challenges regarding the disclosure process of vulnerabilities in the automotive sector are presented. These challenges are addressed by discussing desirable conditions for a beneficial disclosure culture as well as requirements and responsibilities of all parties involved in the disclosure process

Survey and Classification of Automotive Security Attacks

Due to current development trends in the automotive industry towards stronger connected and autonomous driving, the attack surface of vehicles is growing which increases the risk of security attacks. This has been confirmed by several research projects in which vehicles were attacked in order to trigger various functions. In some cases these functions were critical to operational safety. To make automotive systems more secure, concepts must be developed that take existing attacks into account. Several taxonomies were proposed to analyze and classify security attacks. However, in this paper we show that the existing taxonomies were not designed for application in the automotive development process and therefore do not provide enough degree of detail for supporting development phases such as threat analysis or security testing. In order to be able to use the information that security attacks can provide for the development of security concepts and for testing automotive systems, we propose a comprehensive taxonomy with degrees of detail which addresses these tasks. In particular, our proposed taxonomy is designed in such a wa, that each step in the vehicle development process can leverage it

Survey of Model-Based Security Testing Approaches in the Automotive Domain

Modern connected or autonomous vehicles (AVs) are highly complex cyber-physical systems. As a result of the high number of different technologies and connectivity features involved, testing these systems to identify security vulnerabilities is a big challenge. Security testing techniques, such as penetration testing, are often manual methods that are applied comparatively late in the vehicle development process. Thus, vulnerabilities are only detected late or after development, leading to higher costs and more patching effort. To reduce the amount of testing resources in general and enable early and automated testing, model-based testing methods have been established in several domains, such as information technology and the automotive domain. The transfer of model-based testing approaches to automotive security testing could help to detect vulnerabilities earlier than other, manual methods by automatically generating, executing, or simulating security tests. In this study, we review the literature on model-based test approaches in the automotive domain. First, we consider security-independent approaches to obtain an overview of applied models, formalisms, test selection criteria, and test generation techniques. In addition, we investigate, whether and how model-based approaches are applied for automotive security testing. Overall, we identified 63 publications related to model-based testing and 29 publications with regard to model-based security testing. The aim of this study is to provide an overview and direct comparison between these approaches. In this manner, the state of model-based security testing in the automotive domain, current challenges, and potential research areas are determined

Concept for Generating Energy Demand in Electric Vehicles with a Model Based Approach

Hybrid energy storage systems (HESS) for electric vehicles, which consist of lithium-ion batteries and supercapacitors, have become an increasing focus of research and development in recent years. The combination of the two combines the advantages of each storage technology (high energy density in batteries and high power density in supercapacitors) in one system. To effectively manage the energy flow between these two different storage technologies, an intelligent energy management system (EMS) is required. In the development of the EMS, it is usual to run preliminary checks in a simulation environment that is as close to reality as feasible already during the development process. For this purpose, this paper presents a concept for the creation of a simulation environment consisting of realistic routes and a holistic vehicle model. The realistic route data are generated by a route-generating algorithm, which accesses different map services via application programming interfaces (API) and retrieves real route data to generate a simulated route. By integrating further online services (e.g., OpenWeather API), the routes are further specified with, for example, real weather data, traffic data, speed limits and altitude data. For the complete vehicle model, components including the suspension, chassis and auxiliary consumers are simulated as blackbox models. The components that can be accessed during the simulation are simulated as white box models. These are the battery, the supercapacitor, the DC/DC converter and the electric motor. This allows the EMS to control and regulate the HESS in real time during the simulation. To validate the simulation environment presented here, a real BMW i3 was driven on a real route, and its energy demand was measured. The same route was simulated in the simulation environment with environmental conditions that were as realistic as feasible (traffic volume, traffic facilities, weather) and the vehicle model of the BMW i3. The resulting energy demand from the simulation was recorded. The results show that the simulated energy consumption value differs by only 1.92% from the real measured value. This demonstrates the accuracy of the simulation environment presented here

Concept for Generating Energy Demand in Electric Vehicles with a Model Based Approach

International audienceHybrid energy storage systems (HESS) for electric vehicles, whichconsist of lithium-ion batteries and supercapacitors, have becomean increasing focus of research and development in recent years.The combination of the two combines the advantages of each storagetechnology (high energy density in batteries and high power densityin supercapacitors) in one system. To effectively manage the energyflow between these two different storage technologies, anintelligent energy management system (EMS) is required. In thedevelopment of the EMS, it is usual to run preliminary checks in asimulation environment that is as close to reality as feasiblealready during the development process. For this purpose, thispaper presents a concept for the creation of a simulationenvironment consisting of realistic routes and a holistic vehiclemodel. The realistic route data are generated by a route-generatingalgorithm, which accesses different map services via applicationprogramming interfaces (API) and retrieves real route data togenerate a simulated route. By integrating further online services(e.g., OpenWeather API), the routes are further specified with, forexample, real weather data, traffic data, speed limits and altitudedata. For the complete vehicle model, components including thesuspension, chassis and auxiliary consumers are simulated asblackbox models. The components that can be accessed during thesimulation are simulated as white box models. These are thebattery, the supercapacitor, the DC/DC converter and the electricmotor. This allows the EMS to control and regulate the HESS in realtime during the simulation. To validate the simulation environmentpresented here, a real BMW i3 was driven on a real route, and itsenergy demand was measured. The same route was simulated in thesimulation environment with environmental conditions that were asrealistic as feasible (traffic volume, traffic facilities, weather)and the vehicle model of the BMW i3. The resulting energy demandfrom the simulation was recorded. The results show that thesimulated energy consumption value differs by only 1.92% from thereal measured value. This demonstrates the accuracy of thesimulation environment presented here

Approach for a Global Route-Based Energy Management System for Electric Vehicles with a Hybrid Energy Storage System

The usage of batteries and supercapacitors in the field of electric vehicles is becoming increasingly prominent in both research and development. Due to the complementary advantages of the two systems, high energy density, and high power density, a combined battery/supercapacitor system offers potential. To effectively utilise the potential of such a hybrid energy storage system (HESS), one requires an intelligent energy management system (EMS). The EMS is responsible for controlling the electrical power between the battery and the supercapacitor in such a way that the required power can be optimally distributed at all times (currently and in the future). For this purpose, the energy management system utilises information on the driving route and, based on this information, shall calculate a global strategy for the continuous power distribution. The controlled power distribution should take place in real time and be robust against discrepancies so that unpredictable or unreliably predictable events do not significantly influence the functionality. For the implementation of the concept, a rule-based power distribution is implemented in combination with a predictive energy management. Here, the energy management is combined with a rule-based strategy calculation based on data on the route to be driven with a global optimization for the calculation of a route-specific strategy. Depending on the selected objective, the increase in energy efficiency, or lifetime, the operation of the power control is optimised. Due to the functional separation, the continuous power control can operate in real time, while more computational time can be spent on the calculations of the power management strategy, which accordingly does not need to be executed in real time. The results show that by using the presented EMS, especially in combination with a route-specific parameterisation, a significant effect on the energy efficiency and/or battery lifetime can be achieved. The average battery energy consumption can be reduced by up to 9.14% on urban routes. Regarding battery lifetime, the average battery usage can be reduced up to 13.35% and the battery energy losses even up to 62.72%

Can you build a sustainable business model for electric vehicle charging stations?

International audienceCan you build a sustainable business model for electric vehicle charging stations? This is an important question to be answered as new solutions in mobility can only be used if their business model is convenient and answers to economic, ecologic and social demands. After an introduction of individual mobility a framework of sustainable buisness models is develloped and applied on electric vehicle charging stations, showing that improvements sill have to be done in order to create sustainable business model

Can you build a sustainable business model for electric vehicle charging stations?

International audienceCan you build a sustainable business model for electric vehicle charging stations? This is an important question to be answered as new solutions in mobility can only be used if their business model is convenient and answers to economic, ecologic and social demands. After an introduction of individual mobility a framework of sustainable buisness models is develloped and applied on electric vehicle charging stations, showing that improvements sill have to be done in order to create sustainable business model