Wireless Personal Communications

, Volume 92, Issue 4, pp 1511–1530 | Cite as

Vulnerabilities of Android OS-Based Telematics System

  • Hyo Jin Jo
  • Wonsuk Choi
  • Seoung Yeop Na
  • Samuel Woo
  • Dong Hoon Lee


Intelligent vehicle technologies have been developed rapidly. Modern vehicles include many Electronic Control Units (ECUs) and in-vehicle networks. While these technologies offer accurate vehicle control and increase the convenience and safety of drivers, their vulnerabilities also have been analyzed and exploited. Nevertheless, open platforms, such as the Android OS, have been introduced into vehicle systems without careful consideration about security issues. In this paper, we indicate the security problems of an Android OS-based telematics system. Our target device’s firmware is offered on a public Web site and is easily analyzed using public analysis tools. This means that our analysis methods are more scalable and practical than previous ones for remote attacks that require difficult analysis skills, such as signal processing and reverse engineering. We also found that the device allows malicious firmware to be updated because of a problem related to misuse of certificates. Furthermore, we conducted attack experiments using a real vehicle.


Telematics communication Controller Area Network Android Smart vehicle Open platform 


  1. 1.
  2. 2.
  3. 3.
    Basnight, Z., Butts, J. L, Jr., & Dube, T. (2013). Firmware modification attacks on programmable logic controllers. International Journal of Critical Infrastructure Protection, 6(2), 76–84.CrossRefGoogle Scholar
  4. 4.
    Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., & Kohno, T. (2011). Comprehensive experimental analyses of automotive attack surfaces. Proceedings of the 20th USENIX Conference on Security, SEC’11, Berkeley, CA, USA (pp. 6–6). USENIX Association.Google Scholar
  5. 5.
    Collberg, C. S., & Thomborson, C. (2002). Watermarking, tamper-proffing, and obfuscation: Tools for software protection. IEEE Transactions on Software Engineering, 28(8), 735–746.CrossRefGoogle Scholar
  6. 6.
  7. 7.
    Davis, R., Burns, A., Bril, R., & Lukkien, J. (2007). Controller area network (can) schedulability analysis: Refuted, revisited and revised. Real-Time Systems, 35(3), 239–272.CrossRefGoogle Scholar
  8. 8.
    Drake, J. J., Lanier, Z., Mulliner, C., Fora, P. O., Ridley, S. A., & Wicherski, G. (2014). Android Hacker’s Handbook. Hoboken: Wiley.Google Scholar
  9. 9.
    Elenkov, N. (2014). Android security internals an in-depth guide to Android’s Security Architecture. San Francisco: No Starch Press.Google Scholar
  10. 10.
    Exclusive: Google aiming to go straight into car with next android - sources,
  11. 11.
    Foster, I., Prudhomme, A., Koscher, K., & Savage, S. (2015). Fast and vulnerable: A story of telematic failures. 9th USENIX Workshop on Offensive Technologies (WOOT 15), Washington, D.C. USENIX Association.Google Scholar
  12. 12.
    Gm developer network,
  13. 13.
    Gm to adopt android os in. (2016).
  14. 14.
    Honda debuts android-based infotainment system for europe,
  15. 15.
    Hoppe, T., Kiltz, S., & Dittmann, J. (2011). Security threats to automotive CAN networks—Practical examples and selected short-term countermeasures. Reliability Engineering & System Safety, 96(1), 11–25. Special Issue on Safecomp 2008.CrossRefGoogle Scholar
  16. 16.
    Hyundai kia will offer android-based infotainment systems,
  17. 17.
    Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H. and Savage, S. (2010). Experimental security analysis of a modern automobile. Security and Privacy (SP), 2010 IEEE Symposium on, (pp. 447–462) May.Google Scholar
  18. 18.
    Larson, U. E., & Nilsson, D. K. (2008). Securing vehicles against cyber attacks. Proceedings of the 4th annual workshop on Cyber security and information intelligence research (CSIIRW ’08), Article No.30, New York, NY: ACM.Google Scholar
  19. 19.
    Miller, C., & Valasek, C. (2015). Remote exploition of an unaltered passenger vehicle. Black Hat USA, 2015.Google Scholar
  20. 20.
    Miller, C., & Valasek, C. (2013). Adventures in automotive networks and control units. In DEFCON 21, Las Vegas, NV, August 2013.Google Scholar
  21. 21.
  22. 22.
    Open automotive alliance,
  23. 23.
  24. 24.
    Rouf, I., Miller, R., Mustafa, H., Taylor, T., Oh, S., Xu, W., Gruteser, M., Trappe, W., & Seskar, I. (2010). Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study. Proceedings of the 19th USENIX Conference on Security, USENIX Security’10, Berkeley, CA, USA (pp. 21–21). USENIX Association.Google Scholar
  25. 25.
    The openxc platform,
  26. 26.
    White paper : An overview of samsung knox platform,
  27. 27.
    Wolf, M., Weimerskirch, A., Paar, C., & Bluetooth, M. (2004). Security in automotive bus systems. Proceedings of the Workshop on Embedded Security in Cars (escar)04.Google Scholar
  28. 28.
    Wolf, M., Weimerskirch, A., & Wollinger, T. (2007). State of the art: Embedding security in vehicles. EURASIP Journal on Embedded Systems, 2007(1), 074706.CrossRefGoogle Scholar
  29. 29.
    Woo, S., Jo, H., & Lee, D. (2015). A practical wireless attack on the connected car and security protocol for in-vehicle can. Intelligent Transportation Systems, IEEE Transactions on, 16(2), 993–1006.Google Scholar
  30. 30.
    Zhang, T., Antunes, H., & Aggarwal, S. (2014). Defending connected vehicles against malware: Challenges and a solution framework. Internet of Things Journal, IEEE, 1(1), 10–21.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  • Hyo Jin Jo
    • 1
  • Wonsuk Choi
    • 1
  • Seoung Yeop Na
    • 1
  • Samuel Woo
    • 1
  • Dong Hoon Lee
    • 1
  1. 1.Graduate School of Information SecurityKorea UniversitySeoulSouth Korea

Personalised recommendations