Towards a Secure and Resilient Vehicle Design: Methodologies, Principles and Guidelines
Licentiate thesis, 2022

The advent of autonomous and connected vehicles has brought new cyber security challenges to the automotive industry: vehicles must be designed to remain dependable in the event of cyber-attacks. A modern vehicle can contain over 150 computers, over 100 million lines of code, and various connection interfaces such as USB ports, WiFi, Bluetooth, and 4G/5G. The continuous technological advancements within the automotive industry allow safety enhancements due to increased control of, e.g., brakes, steering, and the engine. Although the technology is beneficial, its complexity has the side effect of giving rise to a multitude of vulnerabilities that increase the potential for cyber-attacks. Consequently, a growing number of regulations demand compliance with vehicle cyber security and resilience requirements, which state that vehicles should be designed to be resilient to cyber-attacks, with the capability to detect and appropriately respond to these attacks. Moreover, requirements for automotive digital forensic capabilities are beginning to emerge. Failures in automated driving functions can be caused by hardware and software failures as well as cyber security issues, and it is imperative to investigate the cause of these failures. However, there is currently no clear guidance on how to comply with these regulations from a technical perspective.
In this thesis, we propose a methodology to predict and mitigate vulnerabilities in vehicles using a systematic approach for security analysis. This methodology is further used to develop a framework for ensuring a resilient and secure vehicle design with respect to a multitude of analyzed vehicle cyber-attacks. Moreover, we review and analyze scientific literature on resilience techniques, fault tolerance, and dependability for attack detection, mitigation, recovery, and resilience endurance. These techniques are then incorporated into the above-mentioned framework. Finally, to meet requirements to quickly and securely patch the increasing number of bugs in vehicle software, we propose a versatile framework for vehicle software updates.

Vehicle Attacks

Vehicle Software Updates

Vehicle Resilience

Vehicle Security

EC, EDIT building, Elektrogården 1
Opponent: Prof. Stefan Lindskog, Karlstad University

Author

Kim Strandberg

Networks and Systems

UniSUF: a unified software update framework for vehicles utilizing isolation techniques and trusted execution environments

19th escar Europe: The World's Leading Automotive Cyber Security Conference (2021), p. 86-100

Paper in proceedings

Resilient Shield: Reinforcing the Resilience of Vehicles Against Security Threats

IEEE Vehicular Technology Conference, Vol. 2021-April (2021)

Paper in proceedings

REMIND: A Framework for the Resilient Design of Automotive Systems

2020 IEEE Secure Development (SecDev) (2020), p. 81-95

Paper in proceedings

Securing the Connected Car: A Security Enhancement Methodology

IEEE Vehicular Technology Magazine, Vol. 13 (2018), p. 56-65

Article in scientific journal

Datasäkerhet för fordonssystem i en föränderlig miljö (CyReV fas 2)

VINNOVA (2019-03071), 2019-01-10 -- 2022-03-31.

Subject categories

Computer and Information Science

Electrical Engineering and Electronics

Publisher

Chalmers


More information

Last updated

2022-03-30