Академический Документы
Профессиональный Документы
Культура Документы
Automotive Security
Summer Term 2019
Dr. Rahamatullah Khondoker
Contents
• Introduction
• IT security for vehicles
• Immobilizer and Remote Keyless System
• E/E and ECU Security
• Interfaces
• V2X Communication
• Infotainment
• Addressing the challenges
Monetary threats
Turn back odometer
Illegal function activation or chip tuning
Vehicle theft
Privacy threats
Movement profiles
Driver identification
Driving behavior profiles
Cellular,
Infotainment Acronyms:
V2X Communication: Wi-Fi, Bluetooth
USB DAB: Digital Audio
IEEE 802.11p Broadcasting
Cellular V2X Lightning GPS,DAB,
GPS: Global
TMC,RDS
Positioning System
TMC: Traffic
Message Channel
E/E, ECU Security:
RDS: Radio Data
Odometer,
Service
Chip tuning,
E/E: Electrical and
Function activation
Electronic
Interfaces: V2X: Vehicle to
On-board diagnostics (OBD) Anything
Tire pressure monitoring Immobilizer USB: Universal Serial
Electrical vehicle (EV) charging Remote Keyless System Bus
Source: ADAC
Source: sijox
Koscher et al.: Experimental Security Analysis of a Modern Automobile IEEE Symposium
on Security and Privacy, 2010
Checkoway et al.: Comprehensive Experimental Analyses of Automotive Attack Surfaces USENIX Security Symposium, 2011
Miller and Valasek: A Survey of Remote Automotive Attack Surfaces, Blackhat 2014
Open Car
SMS:
DES(Open,key1)=m, DES-CBC-HMAC(m,key2)
HTTP-GET Request
HTTP-GET Response:
AES(Open,key3)=n, SHA256-HMAC(n,key4)
SMS:
DES(Open,key1)=m, DES-CBC-HMAC(m,key2)
HTTP-GET Request
HTTP-GET Response:
AES(Open,key3)=n, SHA256-HMAC(n,key4)
Source: http://www.troyhunt.com/2016/02/controlling-vehicle-features-of-nissan.html