Securing Vehicles against Cyber Attacks

Paper i proceeding, 2008

The automobile industry has grown to become an integral part of our everyday life. As vehicles evolve, the primarily mechanical solutions for vehicle control are gradually replaced by electronics and software solutions forming in-vehicle computer networks. An emerging trend is to introduce wireless technology in the vehicle domain by attaching a wireless gateway to the in-vehicle network. By allowing wireless communication, real-time information exchange between vehicles and between infrastructure and vehicles become reality. This communication allows for road condition reporting, decision making, and remote diagnostics and firmware updates over-the-air. However, allowing external parties wireless access to the in-vehicle network creates a potential entry-point for cyber attacks. In this paper, we investigate the security issues of allowing external wireless communication. We use a defense-in-depth perspective and discuss security challenges for each of the prevention, detection, deflection, countermeasures, and recovery layers.