Towards a Standardised Framework for Securing Connected Vehicles
Licentiate thesis, 2019
Many different parties are involved in the development of such a complex system as the functions are distributed over more than 100 ECUs, making it difficult to get an overall picture of the achieved security. Therefore, moving towards a standardised security framework tailored for the automotive domain is necessary.
In this thesis we study various safety and security standards and proposed frameworks from different industrial domains with respect to their way of classifying demands in the form of levels and their methods to derive requirements. In our proposed framework, we suggest security levels appropriate for automotive systems and continue with a mapping between these security levels and identified security mechanisms and design rules to provide basic security. We further study in detail a mechanism which provides freshness to authenticated messages, namely AUTOSAR SecOC Profile 3, and present a novel extension that offers a faster synchronisation between ECUs and reduces the number of required messages for synchronisation.
Security Classification
Vehicular Security
In-Vehicle Network
Freshness
Author
Thomas Rosenstatter
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Open Problems when Mapping Automotive Security Levels to System Requirements
Proceedings of the 4th International Conference on Vehicle Technology and Intelligent Transport Systems ,;(2018)p. 251-260
Paper in proceeding
Towards a Standardized Mapping from Automotive Security Levels to Security Mechanisms
IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC,;(2018)p. 1501-1507
Paper in proceeding
T. Rosenstatter, C. Sandberg, and T. Olovsson, Extending AUTOSAR's Counter-based Solution for Freshness of Authenticated Messages in Vehicles
Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)
VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.
Areas of Advance
Information and Communication Technology
Transport
Subject Categories
Electrical Engineering, Electronic Engineering, Information Engineering
Embedded Systems
Other Electrical Engineering, Electronic Engineering, Information Engineering
Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 198
Publisher
Chalmers
EE, EDIT building, Rännvägen 6B, Chalmers University of Technology
Opponent: Panos Papadimitratos, KTH Royal Institute of Technology, Sweden