Advertisement

Connected Vehicles in the Shark Tank: Rethinking the Challenge for Cybersecurity to Keep Pace with Digital Innovation

  • Nick G. Rambow
  • Steven Andorka
  • Kira Rambow-HoescheleEmail author
Conference paper
Part of the EAI/Springer Innovations in Communication and Computing book series (EAISICC)

Abstract

Although vehicle connectivity reveals significant potential to enrich mobility stakeholders, besides enhancing road safety, reducing congestion, and improving accessibility of personal mobility, it bears certain risks. On the one hand, societies, industries, firms, and economies can benefit from the globally growing market for connected vehicles enabled by digitization. On the other hand, cybersecurity threats emerge due to the increasing complexity of products with a rising number of electronic control units and lines of codes. Furthermore, the fragmented supply chain results in more complex policing and security. The rise of connected vehicles implies that stakeholders potentially have to reposition themselves within the mobility ecosystem and establish their roles along the value chain. Adapting across functions and reflecting upon new partnerships will be pivotal for companies to sustainably succeed on the market. Consumer, technology, and regulatory conditions will likely determine the full deployment of connected vehicles. This paper first distinguishes the relevant terms, explores the market environment, and studies the shift in the mobility ecosystem and value chain. Fundamentals of cybersecurity threats and connectivity features are investigated. Hacking the mind of a hacker, the discussion of potential cybersecurity solutions follows.

Keywords

Connected vehicle Cybersecurity Cyberattack anatomy 

References

  1. 1.
    Asaj, N., Schaub, F., Muter, M., Held, A., Weber, M.: ProTACD: a generic privacy process for vehicle development. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (2013).  https://doi.org/10.1109/TrustCom.2013.208
  2. 2.
    BBC.: Tesla and GM self-drive cars involved in road collisions. BBC. http://www.bbc.com/news/technology-42801772 (2018). Accessed 06 May 2018
  3. 3.
    Caroleo, B., Pautasso, E., Osella, M., Palumbo, E., Ferro, E.: Assessing the impacts of electric vehicles uptake: a system dynamics approach. In: 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), pp. 790–795 (2017).  https://doi.org/10.1109/COMPSAC.2017.67
  4. 4.
    IAV automotive engineering.: Zugriff erfolgreich abgewehrt. https://www.iav.com/automotion-magazine/automotion-03-2017/zugriff-erfolgreich-abgewehrt (2017). Accessed 06 May 2018
  5. 5.
    Joy, J., Gerla, M.: Internet of vehicles and autonomous connected car - privacy and security issues. In: 2017 26th International Conference on Computer Communication and Networks (ICCCN), pp. 1–9 (2017).  https://doi.org/10.1109/ICCCN.2017.8038391
  6. 6.
    Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S, et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462 (2010).  https://doi.org/10.1109/SP.2010.34
  7. 7.
    KPMG.: Security and the IoT ecosystem. https://assets.kpmg.com/content/dam/kpmg/pdf/2015/12/security-and-the-iot-ecosystem.pdf (2015). Accessed 06 May 2018
  8. 8.
    McKinsey & Company.: The Internet of Things: mapping the value beyond the hype. McKinsey Global Institute. https://www.mckinsey.de/files/unlocking_the_potential_of_the_internet_of_things_full_report.pdf (2015)
  9. 9.
    Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010).  https://doi.org/10.1016/j.comnet.2010.05.010 CrossRefzbMATHGoogle Scholar
  10. 10.
    Kneib, M., Huth, C.: On the fingerprinting of electronic control units using physical characteristics in controller area networks. In: INFORMATIK 2017, pp. 875–882 (2017).  https://doi.org/10.18420/in2017_88
  11. 11.
    Lanotte, R., Merro, M.: A semantic theory of the Internet of Things. Inf. Comput. 259(1), 72–101 (2018).  https://doi.org/10.1016/j.ic.2018.01.001 MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Tabane, E., Zuva, T.: Is there a room for security and privacy in IoT? In: 2016 International Conference on Advances in Computing and Communication Engineering (ICACCE), pp. 260–264 (2016).  https://doi.org/10.1109/ICACCE.2016.8073758
  13. 13.
    Ammar, M., Russello, G., Crispo, B.: Internet of Things: a survey on the security of IoT frameworks. J. Inf. Secur. Appl. 38, 8–27 (2018).  https://doi.org/10.1016/j.jisa.2017.11.002 CrossRefGoogle Scholar
  14. 14.
    Sicari, S., Rizzardia, A., Griecob, L., Coen-porisinia, A.: Security, privacy and trust in Internet of Things: the road ahead. Comput. Netw. 76, 146 (2015)CrossRefGoogle Scholar
  15. 15.
    World Economic Forum: The global risks report 2018, 13th edition. http://www3.weforum.org/docs/WEF_GRR18_Report.pdf (2018)
  16. 16.
    Dignan, P.: The future of the connected car. https://www.manufacturingglobal.com/technology/future-connected-car (2017). Accessed 06 May 2018
  17. 17.
    L'Heureux, A., Grolinger, K., Elyamany, H., Capretz, M.: Machine learning with big data: challenges and approaches. IEEE Access. 5, 7776–7797 (2017).  https://doi.org/10.1109/ACCESS.2017.2696365 CrossRefGoogle Scholar
  18. 18.
    Rossi, B.: How driverless cars can and will be hacked. http://www.information-age.com/how-driverless-cars-can-and-will-be-hacked-2-123460231/ (2015). Accessed 06 May 2018
  19. 19.
    Alaba, F., Othman, M., Hashem, I., Alotaibi, F.: Internet of Things security: a survey. J. Netw. Comput. Appl. 88, 10–28 (2017).  https://doi.org/10.1016/j.jnca.2017.04.002 CrossRefGoogle Scholar
  20. 20.
    Albishi, S., Soh, B., Ullah, A., Algarni, F.: Challenges and solutions for applications and technologies in the Internet of Things. Proc. Comput. Sci. 124, 608–614 (2017).  https://doi.org/10.1016/j.procs.2017.12.196 CrossRefGoogle Scholar
  21. 21.
    Khurram, M., Kumar, H., Chandak, A., Sarwade, V., Arora, N., Quach, T.: Enhancing connected car adoption: security and over the air update framework. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), pp. 194–198 (2016).  https://doi.org/10.1109/WF-IoT.2016.7845430
  22. 22.
    Luthra, S., Garg, D., Mangla, S., Berwal, Y.: Analyzing challenges to Internet of Things (IoT) adoption and diffusion: an Indian context. Proc. Comput. Sci. 125, 733–739 (2018).  https://doi.org/10.1016/j.procs.2017.12.094 CrossRefGoogle Scholar
  23. 23.
    Müller, D.-R.: Safety, security, privacy und continuity – Die Überraschung kommt zum Schluss. https://www.informatik-aktuell.de/betrieb/sicherheit/safety-security-privacy-und-continuity-sspc-die-ueberraschung-kommt-zum-schluss.html (2017). Accessed 06 May 2018
  24. 24.
    Sierra Wireless: Fueling connected cars from the automotive industry. https://www.sierrawireless.com/applications/automotive-and-transport/automotive/ (2018). Accessed 08 May 2018
  25. 25.
    Google: Designing a connected vehicle platform on cloud IoT core. https://cloud.google.com/solutions/designing-connected-vehicle-platform (2017). Accessed 10 May 2018
  26. 26.
  27. 27.
    Baldwin, R.: OwnStar car hacker can remotely unlock BMWs, Benz and Chrysler. https://www.engadget.com/2015/08/13/ownstar-hack/ (2015). Accessed 12 May 2018
  28. 28.
    Bécsi, T., Aradi, S., Gáspár, P.: Security issues and vulnerabilities in connected car systems. In: 2015 International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS), pp. 477–482 (2015).  https://doi.org/10.1109/MTITS.2015.7223297
  29. 29.
    Miller, C., Valasek, C.: A survey of remote automotive attack surfaces. http://illmatics.com/remote%20attack%20surfaces.pdf (2014). Accessed 11 May 2018
  30. 30.
    U.S. Department of Homeland Security: National Cybersecurity and Communications Integration Center/Industrial Control Systems Cyber Emergency Response Team review. https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2015_Final_ S508C.pdf (2015). Accessed 13 May 2018
  31. 31.
  32. 32.
    Girson, A.: IoT has a security problem - will 5G solve it? https://www.wirelessweek.com/article/2017/03/iot-has-security-problem-will-5g-solve-it (2017). Accessed 14 May 2018
  33. 33.
    Huawei: 5G security: forward thinking Huawei white paper. http://www.huawei.com/minisite/5g/img/5G_Security_Whitepaper_en.pdf (2015)
  34. 34.
    Li, S., Xu, L., Zhao, S.: 5G internet of things: a survey. J. Ind. Inf. Integr. 10, 1 (2018).  https://doi.org/10.1016/j.jii.2018.01.005 CrossRefGoogle Scholar
  35. 35.
    Jafarnejad, S., Codeca, L., Bronzi, W., Frank, R., Engel, T.: A car hacking experiment: when connectivity meets vulnerability. In: 2015 IEEE Globecom Workshops (GC Wkshps), pp. 1–6 (2015).  https://doi.org/10.1109/GLOCOMW.2015.7413993
  36. 36.
    McAfee: Automotive security best practices. https://www.mcafee.com/de/resources/white-papers/wp-automotive-security.pdf (2016)
  37. 37.
    Yaqoob, I., Ahmed, E., Rehman, M., Ahmed, A., Al-garadi, M., Imran, M., Guizani, M.: The rise of ransomware and emerging security challenges in the Internet of Things. Comput. Netw. 129(2), 444–458 (2017).  https://doi.org/10.1016/j.comnet.2017.09.003 CrossRefGoogle Scholar
  38. 38.
    Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaaniche, M., Laarouchi, Y. (2013). Survey on security threats and protection mechanisms in embedded automotive networks. In: The 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-2013).  https://doi.org/10.1109/DSNW.2013.6615528
  39. 39.
    Martinelli, F., Mercaldo, F., Nardone, V., Santone, A.: Car hacking identification through fuzzy logic algorithms. In: 2017 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE), pp. 1–7.  https://doi.org/10.1109/FUZZ-IEEE.2017.8015464
  40. 40.
    Förster, D.: Discussing different levels of privacy protection in vehicular ad-hoc networks. Ulmer Informatik-Berichte, pp. 31–32. https://pdfs.semanticscholar.org/974c/e32b617c11a18998fef3d543a8a35807a1ee.pdf#page=31 (2015)
  41. 41.
    Conti, M., Dehghantanha, A., Franke, K., Watson, S.: Internet of Things security and forensics: challenges and opportunities. Futur. Gener. Comput. Syst. 544–546 (2018).  https://doi.org/10.1016/j.future.2017.07.060
  42. 42.
    Foy, H.: Connected cars raise privacy and safety worries. Financial Times. https://www.ft.com/content/e663c6fa-643b-11e4-bac8-00144feabdc0 (2014). Accessed 10 May 2018
  43. 43.
    Ramsey, M., Boudette, N.: Auto makers face questions over privacy in connected cars (W. S. Journal, Editor). https://www.wsj.com/articles/auto-makers-face-questions-over-privacy-in-connected-cars-1389890063 (2014). Accessed 04 May 2018
  44. 44.
    Wall, M.: Is your connected car spying on you? (BBC, Editor). http://www.bbc.com/news/business-29566764 (2014). Accessed 04 May 2018
  45. 45.
    Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57(10), 2266–2279 (2013).  https://doi.org/10.1016/j.comnet.2012.12 CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Nick G. Rambow
    • 1
    • 2
  • Steven Andorka
    • 3
  • Kira Rambow-Hoeschele
    • 4
    Email author
  1. 1.ESB Business SchoolReutlingenGermany
  2. 2.Portland State UniversityPortlandUSA
  3. 3.Glasgow Caledonian University, School of EngineeringGlasgowUK
  4. 4.Robert Bosch GmbH, Headquarters, Automotive StrategyStuttgartGermany

Personalised recommendations