Securing the Wireless Vehicle-to-Infrastructure Environment: Diagnostics and Firmware Updates

Bok, 2008

In recent years, information technology has entered the automobile domain. Most of the functionality in a vehicle is controlled by electronics and firmware. There exist two main administrative functions: diagnostics and firmware update. Diagnostics is used to identify defective components and faulty firmware. The firmware update procedure is used to install new firmware in the vehicle. These administrative functions have, to date, been performed locally owing to the requirement of physical access to the vehicle. As this is considered inconvenient and inefficient, there is an emerging trend among automobile manufacturers to perform wireless diagnostics and firmware updates. This wireless vehicle-to-infrastructure environment, where the automobile manufacturer establishes a wireless connection to a vehicle, introduces a number of security threats. The vehicle domain has traditionally dealt mainly with safety concerns; however, the introduction of an intelligent attacker in this domain causes new problems and creates a need to consider security. This book focuses on the security aspects of wireless vehicle-to-infrastructure environments. Security threats for a hierarchical wireless vehicle network are first identified, and a set of security recommendations are presented. Furthermore, allowing external wireless communication with the previously isolated in-vehicle network introduces new attack vectors to the vehicle. The severity of these attacks shows the imminent need for security protection. Moreover, the security aspects of similar areas of research, such as authentication of wireless hand-held devices and key management in wireless process control systems, are investigated. Lessons learned from security issues in these areas could be taken into consideration when designing security for the wireless vehicle-to-infrastructure environment to avoid the same mistakes. Last, based on the lessons learned and the challenges identified, solutions for the wireless vehicle-to-infrastructure environment are suggested. This book serves to provide a better understanding of the security aspects of the vehicle-to-infrastructure environment.