On Cyber-Security for In-Vehicle Software

Author: Aljoscha Lautenbach; Chalmers University Of Technology; []

Keywords: TEKNIK OCH TEKNOLOGIER; ENGINEERING AND TECHNOLOGY; Vehicular Security; Memory Protection; Automotive Security; Memory Exploitation; In-Vehicle Network; Risk Assessment; CAN authentication; Secure Software Development;

Abstract: We live in a highly connected world, which brings many opportunities, but which also makes us vulnerable to attacks. Security in regular IT systems, such as desktop and server systems, has decades of active research behind it, whereas security in the automotive domain is still a relatively new topic. Vehicular systems are highly computerized: each vehicle, depending on type, brand and model, contains in the order of 100 electronic control units which govern most of the vehicle’s functions. In order to maintain traffic safety, it is therefore paramount that these systems are protected from malicious manipulation, and a natural question is how and to what extent “IT security” can be applied to automotive systems.This thesis covers two different aspects of automotive security, namely how to embed security engineering practices into the automotive development lifecycle, and how automotive characteristics influence the technical design and implementation of security measures. To this end, we develop a risk assessment framework which is well aligned with existing safety processes, since safety engineering is an integral part of automotive system design. We also investigate which typical pitfalls an automotive software developer has to be aware of to avoid the inadvertent creation of software vulnerabilities. We further identify five criteria that an in-vehicle network authentication solution needs to fulfill to be considered for practical use, and we evaluate authentication solutions for the most common automotive bus according to those criteria. Finally, we analyze the typical architecture of a resource constrained electronic control unit for possibilities of exploiting memory corruption bugs, and how techniques from desktop and server systems can mitigate the effects. We can conclude that it is possible to use adaptations of existing security solutions in automotive systems. However, a fair amount of adaptation work is needed to account for the particular characteristics of the automotive domain.

  CLICK HERE TO DOWNLOAD THE WHOLE DISSERTATION. (in PDF format)