Automotive Communication Security Methods and Recommendations for Securing In-vehicle and V2X Communications
Doktorsavhandling, 2019
Today’s vehicles contain approximately more than 100 interconnected computers (ECUs), several of which will be connected to the Internet or external devices and networks around the vehicle. In the near future vehicles will extensively communicate with their environment via Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I), together called V2X communications. Such level of connectivity enables car manufacturers to implement new entertainment systems and to provide safety features to decrease the number of road accidents. Moreover, authorities can deploy the traffic information provided by vehicular communications to improve the traffic management. Despite the great benefits that comes with vehicular communications, there are also risks associated with exposing a safety-critical integrated system to external networks. It has already been proved that vehicles can be remotely hacked and the safety critical functions such as braking system and steering wheel can be compromised to endanger the safety of passengers. This puts
high demands on IT security and car manufacturers to secure vehicular communications. This thesis proposes methods and recommendations for improving the security of internal and external vehicular communications.
The main contributions of this thesis are contained in six included papers, and cover the following research areas of automotive security: (i) secure network architecture design, (ii) attack protection, (iii) attack detection, and (iv) V2X security. The first two papers in the collection are on the topic of secure network architecture design and propose an automated approach for grouping in-vehicle ECUs into security domains which facilitate the implementation of security measures in in-vehicle networks. The third paper is on the topic of attack protection and evaluates the applicability of existing Controller Area Network (CAN) bus authentication solutions to a vehicular context. In particular, this paper identifies five critical requirements for an authentication solution to be used in such a context. The fourth paper deals with the issue of attack detection in in-vehicle networks and proposes a specification agnostic method for detecting intrusion in vehicles. The fifth paper identifies weaknesses or deficiencies in the design of the ETSI V2X security standard and proposes changes to fix the identified weaknesses or deficiencies. The last paper investigates the security implications of adopting 5G New Radio (NR) for V2X communications.
high demands on IT security and car manufacturers to secure vehicular communications. This thesis proposes methods and recommendations for improving the security of internal and external vehicular communications.
The main contributions of this thesis are contained in six included papers, and cover the following research areas of automotive security: (i) secure network architecture design, (ii) attack protection, (iii) attack detection, and (iv) V2X security. The first two papers in the collection are on the topic of secure network architecture design and propose an automated approach for grouping in-vehicle ECUs into security domains which facilitate the implementation of security measures in in-vehicle networks. The third paper is on the topic of attack protection and evaluates the applicability of existing Controller Area Network (CAN) bus authentication solutions to a vehicular context. In particular, this paper identifies five critical requirements for an authentication solution to be used in such a context. The fourth paper deals with the issue of attack detection in in-vehicle networks and proposes a specification agnostic method for detecting intrusion in vehicles. The fifth paper identifies weaknesses or deficiencies in the design of the ETSI V2X security standard and proposes changes to fix the identified weaknesses or deficiencies. The last paper investigates the security implications of adopting 5G New Radio (NR) for V2X communications.
V2X
security
automotive
vehicular communication
in-vehicle network
HA2, lecture hall, Hörsalsvägen 4, Campus Johanneberg
Opponent: Professor Dieter Gollmann, Hamburg University of Technology, Germany
Författare
Nasser Nowdehi
Chalmers, Data- och informationsteknik, Nätverk och system
A Preliminary Security Assessment of 5G V2X
IEEE Vehicular Technology Conference,;Vol. 2019-April(2019)
Paper i proceeding
In-vehicle CAN message authentication: An evaluation based on industrial criteria
IEEE Vehicular Technology Conference,;Vol. 2017-September(2017)p. 2413-2419
Paper i proceeding
Improving In-Vehicle Network Architectures Using Automated Partitioning Algorithms
IEEE Vehicular Networking Conference, VNC,;Vol. 2016-January(2016)p. 259 - 266
Paper i proceeding
Towards designing secure in-vehicle network architectures using community detection algorithms
IEEE Vehicular Networking Conference, VNC,;Vol. 2015-January(2015)p. 69-76
Paper i proceeding
Experiences from Implementing the ETSI ITS SecuredMessage Service
2014 IEEE Intelligent Vehicles Symposium. June 8 - 11, 2014, Dearborn, Michigan, USA,;(2014)p. 1055-1060
Paper i proceeding
N, Nowdehi. W, Aoudi. M, Almgren. T, Olovsson. CASAD: CAN-Aware Stealthy-Attack Detection for In-Vehicle Networks
Säkerhetsramverk för fordonskommunikation (SeFram)
VINNOVA (2011-04434), 2012-01-01 -- 2015-08-21.
Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)
VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.
Styrkeområden
Informations- och kommunikationsteknik
Transport
Ämneskategorier
Kommunikationssystem
Inbäddad systemteknik
Datorsystem
ISBN
978-91-7905-227-0
Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 4694
Utgivare
Chalmers
HA2, lecture hall, Hörsalsvägen 4, Campus Johanneberg
Opponent: Professor Dieter Gollmann, Hamburg University of Technology, Germany