Towards Secure and Forensically-Enabled Resilient Vehicle Design

Doctoral thesis, 2025

The rise of autonomous and connected vehicles has introduced significant cybersecurity challenges in the automotive domain. An increase in regulations has mandated compliance with vehicle cybersecurity requirements. These regulations require vehicles to be designed to withstand cyberattacks, equipped with mechanisms to detect and effectively respond to threats, and ensure a secure process for software updates and digital forensics. However, a gap remains in providing clear technical guidance for securing vehicles and ensuring compliance with evolving regulations. This thesis aims to address this gap by presenting tools and methodologies to strengthen cybersecurity within the automotive industry.
In the first part of the thesis, we analyze and adapt methodologies for various phases of the vehicle life cycle and propose a systematic approach to predict and mitigate vulnerabilities throughout the entire life cycle. We also conduct a comprehensive review of resilience techniques, fault tolerance, and dependability related to attack detection, mitigation, recovery, and endurance. By applying our methodology and integrating these review findings, we develop a framework to design vehicles that are safe, secure, and resilient against various cyberattacks. In addition, we perform a systematic literature review of automotive digital forensics, providing an overview of the research landscape and its practical applications. This review guides future research and supports engineers in developing forensic mechanisms.
The second part focuses on architecture, where we introduce a reference architecture for vehicle software updates to address the growing need for rapid and secure bug patching and software modifications. We present an attacker model, perform a threat assessment, define general security requirements that align with common security goals and directives, and provide formal proof of security and correctness. Furthermore, we propose a second reference architecture that addresses the digital forensic challenges identified in the first part of the thesis, with the aim of improving the security and effectiveness of forensic practices within the automotive domain.
In summary, this thesis presents tools and methodologies to strengthen cybersecurity in the automotive domain and guide compliance with regulations. It provides a proactive approach to predict and mitigate vehicle vulnerabilities, integrates resilience techniques into vehicle design, establishes a secure software update framework, and offers insights and guidelines for designing automotive digital forensic systems.