Security Aspects of Wireless Vehicle-to-Infrastructure Environments
Licentiatavhandling, 2008

In recent years, information technology has entered the automobile domain. Most of the functionality in a vehicle is controlled by electronics and software. There exist two main administrative functions: diagnostics and software update. Diagnostics is used to identify defective components and faulty software. The software update procedure is used to install new software in the vehicle. These administrative functions have to date been performed locally owing to the requirement of physical access to the vehicle. As this is considered inconvenient and inefficient, there is an emerging trend among automobile manufacturers to perform wireless diagnostics and software updates. This wireless vehicle-to-infrastructure environment, where the automobile manufacturer establishes a wireless connection to a vehicle, introduces a number of security threats. The vehicle domain has traditionally dealt mainly with safety concerns; however, the introduction of an intelligent attacker in this domain causes new problems and creates a need to consider security. This thesis focuses on the security aspects of wireless vehicle-to-infrastructure environments. Security threats for a hierarchical wireless vehicle network are first identified, and a set of security recommendations are presented. Furthermore, allowing external wireless communication with the previously isolated in-vehicle network introduces new attack vectors to the vehicle. The criticality of these attacks shows the imminent need for security protection. Moreover, the security aspects of similar areas of research, such as authentication of wireless hand-held devices and key management in wireless process control systems, are investigated. Lessons learned from security issues in these areas could be taken into consideration when designing security for the wireless vehicle-to-infrastructure environment to avoid the same mistakes. Last, based on the lessons learned and the challenges identified, solutions for the wireless vehicle-to-infrastructure environment are suggested.





in-vehicle networks

EC, Hörsalsvägen 11, Chalmers University of Technology
Opponent: Dr. Christian Gehrmann, Axis Communications AB, Lund, Sweden


Dennis Nilsson

Chalmers, Data- och informationsteknik, Datorteknik

Key Management and Secure Software Updates in Wireless Process Control Environments

Proceedings of the First ACM Conference on Wireless Network Security (WiSec), March 31 - April 2, 2008, Alexandria, VA, USA,; (2008)p. 100-108

Paper i proceeding

Secure Firmware Updates over the Air in Intelligent Vehicles

ICC 2008 - 2008 IEEE International Conference on Communications Workshops; Beijing; China; 19 May 2008 through 23 May 2008,; (2008)p. 380-384

Paper i proceeding

How to Secure Bluetooth-based Pico Networks

Proceedings of the 26th International Conference on Computer Safety, Reliability, and Security (SAFECOMP), September 18-21, 2007, Nuremberg, Germany.,; (2007)p. 209-223

Paper i proceeding

Simulated Attacks on CAN Buses: Vehicle virus

Proceedings of the Fifth IASTED Asian Conference on Communication Systems and Networks (ASIACSN), April 2-4, 2008, Langkawi, Malaysia,; (2008)

Paper i proceeding



Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 52 L

EC, Hörsalsvägen 11, Chalmers University of Technology

Opponent: Dr. Christian Gehrmann, Axis Communications AB, Lund, Sweden

Mer information