Protecting Vehicles Against Unauthorised Diagnostics Sessions Using Trusted Third Parties
Paper in proceeding, 2013
Wireless vehicle diagnostics is expected to provide great improvements to the maintenance of future cars. By using certificates, vehicles can identify diagnostics equipment for a diagnostics session, even over long distances. However, since the diagnostics equipment contains authentication keys used to authenticate such sessions, it is critical that neither the keys nor the equipment is lost. Such a loss can give unauthorised access to any vehicle accepting these keys until the theft is detected and the certificates are revoked. In this paper, we propose a method to protect vehicles against unauthorised diagnostics sessions. A trusted third party is introduced to authorise sessions, thus we do not rely solely on proper identification and authentication of diagnostics equipment. Our approach enables vehicles to verify the validity of diagnostics requests. It is transparent to the diagnostics protocol being used, supports different levels of trust, and can control what commands are permitted during diagnostics sessions.
authorisation protocol
remote diagnostics
access control
trusted third party.
connected car
Author
Pierre Kleberger
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Tomas Olovsson
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
03029743 (ISSN) 16113349 (eISSN)
Vol. 8153 LNCS 8153 70-81978-3-642-40792-5 (ISBN)
Areas of Advance
Transport
Subject Categories
Computer and Information Science
DOI
10.1007/978-3-642-40793-2_7
ISBN
978-3-642-40792-5