On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines
Doktorsavhandling, 2021

Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements.

This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated.

The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks.

The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes. Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud.

security

secure communication

V2X

cyber-physical systems

resilience

in-vehicle network

automotive

HA2, lecture hall, Hörsalsvägen 4, Campus Johanneberg | Zoom: for the password, contact Thomas Rosenstatter
Opponent: Professor Eric Sax, Karlsruhe Institute of Technology, Germany

Författare

Thomas Rosenstatter

Chalmers, Data- och informationsteknik, Nätverk och system

Open Problems when Mapping Automotive Security Levels to System Requirements

Proceedings of the 4th International Conference on Vehicle Technology and Intelligent Transport Systems ,;(2018)p. 251-260

Paper i proceeding

Towards a Standardized Mapping from Automotive Security Levels to Security Mechanisms

IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC,;(2018)p. 1501-1507

Paper i proceeding

REMIND: A Framework for the Resilient Design of Automotive Systems

Proceedings - 2020 IEEE Secure Development, SecDev 2020,;(2020)p. 81-95

Paper i proceeding

Resilient Shield: Reinforcing the Resilience of Vehicles Against Security Threats

IEEE Vehicular Technology Conference,;Vol. 2021-April(2021)

Paper i proceeding

Extending AUTOSAR's Counter-based Solution for Freshness of Authenticated Messages in Vehicles

Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC,;(2019)p. 1-109

Paper i proceeding

Team Halmstad Approach to Cooperative Driving in the Grand Cooperative Driving Challenge 2016

IEEE Transactions on Intelligent Transportation Systems,;Vol. 19(2018)p. 1248-1261

Artikel i vetenskaplig tidskrift

Modelling the Level of Trust in a Cooperative Automated Vehicle Control System

IEEE Transactions on Intelligent Transportation Systems,;Vol. 19(2018)p. 1237-1247

Artikel i vetenskaplig tidskrift

V2C: A Trust-Based Vehicle to Cloud Anomaly Detection Framework for Automotive Systems

ACM International Conference Proceeding Series,;(2021)p. 1-10

Paper i proceeding

Methods and guidelines to protect vehicles from cyber security threats

Vehicles have come a long way from being purely mechanical systems to systems that comprise an internal network of more than 100 small microcontrollers. Vehicles are also connected to the Internet and communicate with other vehicles and the road infrastructure, such as traffic lights. Moreover, they are safety-critical systems that are operated by millions of people every day. Considering also the number of vehicles on the road and the large number of points attackers may use to get access into the system shows that securing vehicles is not only imperative to keep our society safe, but also challenging.

This research work focuses on cyber security and resilience of automotive systems. The former focuses on detecting and preventing attacks whereas the latter concentrates on maintaining the vehicle’s intended operation in the presence of faults and attacks, which may even require the vehicle to disable some functionality to protect the passengers in and around the car.

In this thesis, we provide methods that aid practitioners in identifying and selecting the necessary and appropriate security and resilience techniques during the design of an automotive system. Additionally, this thesis also proposes three techniques to secure them, namely a mechanism to secure the internal communication, a model to assess a vehicle’s behaviour and reliability when it is driving in traffic, and a framework to detect attacks and anomalies in a vehicle fleet.

Datasäkerhet för fordonssystem i en föränderlig miljö - fas 1 (CyReV)

VINNOVA (2018-05013), 2019-04-01 -- 2021-03-31.

Datasäkerhet för fordonssystem i en föränderlig miljö (CyReV fas 2)

VINNOVA (2019-03071), 2019-01-10 -- 2022-03-31.

Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)

VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.

Styrkeområden

Informations- och kommunikationsteknik

Transport

Ämneskategorier

Kommunikationssystem

Inbäddad systemteknik

Datorsystem

ISBN

978-91-7905-533-2

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 5000

Utgivare

Chalmers

HA2, lecture hall, Hörsalsvägen 4, Campus Johanneberg | Zoom: for the password, contact Thomas Rosenstatter

Online

Opponent: Professor Eric Sax, Karlsruhe Institute of Technology, Germany

Mer information

Senast uppdaterat

2021-09-17