Advertisement

Security Challenges for Cooperative and Interconnected Mobility Systems

  • Tjerk Bijlsma
  • Sander de Kievit
  • Jacco van de Sluis
  • Ellen van Nunen
  • Igor Passchier
  • Eric Luiijf
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8328)

Abstract

Software is becoming an important part of the innovation for vehicles. In addition, the systems in vehicles become interconnected and also get external connections, to the internet and Vehicular Ad hoc NETworks (VANETs). These trends form a combined security and safety threat, because recent research has demonstrated a large number of security gaps for in-vehicle systems and their external connections.

This overview paper presents attacker incentives and the most important security risks that are identified for the parts that make up a cooperative mobility system. For cooperative systems, the application data integrity must be validated to determine if values can be trusted. Furthermore, secure alternatives will be required for positioning, in order to be usable by safety critical systems. To create a secure in-vehicle system, it should be secure by design. In addition to the technical challenges, overarching cyber security dilemmas are addressed, such as stimulating the economy vs. improving security. We expect that the discussed risks will be a challenge for research, industry and authorities in the coming years.

Keywords

Cooperative mobility systems interconnected mobility systems security vehicular ad hoc networks internet in-vehicle systems 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Almgren, M., et al.: Deliverable d6.2: Intermediate report on the security of the connected car. Technical report, SysSec (September 2012)Google Scholar
  2. 2.
    Apvrille, L., et al.: Secure automotive on-board electronics network architecture. In: World Automotive Congress (May 2010)Google Scholar
  3. 3.
    Arilou Tech. Car cyber security (December 2012), http://www.ariloutech.com/pages/carcyber.htm
  4. 4.
    Bailey, D.: War texting: Identifying and interacting with devices on the telephone network. Blackhat USA (2011)Google Scholar
  5. 5.
    Barton, M.: Mercedes revs mbrace2 with cloud updates (September 2012), http://www.wired.com/insights/2012/04/mercedes-mbrace2/
  6. 6.
    Becher, M., et al.: Mobile security catching up? revealing the nuts and bolts of the security of mobile devices. In: IEEE Symposium on Security and Privacy (SP), pp. 96–111 (May 2011)Google Scholar
  7. 7.
  8. 8.
    Capkun, S., Hubaux, J-P.: Secure positioning of wireless devices with application to sensor networks. In: Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), vol. 3, pp. 1917–1928. IEEE (2005)Google Scholar
  9. 9.
    Charette, R.: This car runs on code (February 2009), http://www.spectrum.ieee.org/feb09/7649
  10. 10.
    Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of USENIX Security (2011)Google Scholar
  11. 11.
    Commtouch. Commtouch internet threats trend report 2013 february (2013), http://www.commtouch.com/uploads/pdf/Commtouch-Internet-Threats-Trend-Report-2013-February.pdf
  12. 12.
    Daimler Technicity. mbrace2: The most important services of the new telematics platform in the U.S. (2012), http://www.daimler-technicity.de/en/mbrace2-services/
  13. 13.
    de Kievit, S., et al.: European Patent 12197138 (2012)Google Scholar
  14. 14.
    ESET Latin America’s Lab. Trends for 2013: Astonishing growth of malware (2012), http://go.eset.com/us/resources/white-papers/Trends_for_2013_preview.pdf
  15. 15.
    ETSI. Intelligent transport systems (its); security; security services and architecture. Technical Report ETSI TS 102 731 V1.1.1, Sophia Antipolis Cedex - FRANCE, DTS/ITS-0050001 (September 2010)Google Scholar
  16. 16.
    ETSI. Intelligent transport systems (its); security; threat, vulnerability and risk analysis (tvra). Technical Report ETSI TR 102 893 V1.1.1, Sophia Antipolis Cedex - FRANCE, DTR/ITS-0050005 (March 2010)Google Scholar
  17. 17.
    Felt, A., et al.: A survey of mobile malware in the wild. In: Proc. of the Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14. ACM (2011)Google Scholar
  18. 18.
    Ford Motor Company. Ford launches app developer program marking new course for customer-driven innovation and value creation (2013), http://media.ford.com/article_display.cfm?article_id=37551
  19. 19.
    Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. IACR ePrint Report 332 (2010)Google Scholar
  20. 20.
    Glass, M., et al.: Seissecurity in embedded ip-based systems. ATZelektronik Worldwide 5(1), 36–40 (2010)Google Scholar
  21. 21.
    Henniger, O., et al.: Securing vehicular on-board it systems: The evita project. In: VDI/VW Automotive Security Conference (2009)Google Scholar
  22. 22.
    Kargl, F., et al.: Secure vehicular communication systems: implementation, performance, and research challenges. IEEE Communications Magazine 46(11), 110–118 (2008)CrossRefGoogle Scholar
  23. 23.
    Kia Motors America. Kia motors announces google maps integration to enhance in-car connectivity (2013), http://www.prnewswire.com/news-releases/kia-motors-announces-google-maps-integration-to-enhance-in-car-connectivity-185401682.html
  24. 24.
    Klimburg, A., et al.: National Cyber Security Framework Manual. NATO CCD COE, Tallinn (2012)Google Scholar
  25. 25.
    Koscher, K., et al.: Experimental security analysis of a modern automobile. In: IEEE Symposium on Security and Privacy (SP), pp. 447–462 (2010)Google Scholar
  26. 26.
    Mollman, S.: From cars to tvs, apps are spreading to the real world (October 2009), http://edition.cnn.com/2009/TECH/10/08/apps.realworld/index.html
  27. 27.
    Papadimitratos, P., et al.: Secure vehicular communication systems: design and architecture. IEEE Communications Magazine 46(11), 100–109 (2008)CrossRefGoogle Scholar
  28. 28.
    Passchier, I., et al.: New services enabled by the connected car. Technical report, TNO, SMART 2010/0065, TNO-RPT-2011-01277 (June 2011)Google Scholar
  29. 29.
    Ploeg, J., et al.: Design and experimental evaluation of cooperative adaptive cruise control. In: Intelligent Transportation Systems (ITSC), pp. 260–265. IEEE (2011)Google Scholar
  30. 30.
    Raya, M., Hubaux, J.: The security of vehicular ad hoc networks. In: Proc. of Workshop on Security of Ad Hoc and Sensor Networks, pp. 11–21. ACM (2005)Google Scholar
  31. 31.
    Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study. In: Proceedings of USENIX Security, pp. 323–338 (2010)Google Scholar
  32. 32.
    Schoch, E., et al.: Communication patterns in vanets. IEEE Communications Magazine 46(11), 119–125 (2008)CrossRefGoogle Scholar
  33. 33.
    Shabtai, A., et al.: Google android: A comprehensive security assessment. Security & Privacy 8(2), 35–44 (2010)CrossRefGoogle Scholar
  34. 34.
    Simmonds, A., Sandilands, P., van Ekert, L.: An ontology for network security attacks. Applied Computing, 317–323 (2004)Google Scholar
  35. 35.
    Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. In: Workshop on Embedded IT-Security in Cars, pp. 11–12 (2004)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  • Tjerk Bijlsma
    • 1
  • Sander de Kievit
    • 1
  • Jacco van de Sluis
    • 1
  • Ellen van Nunen
    • 1
  • Igor Passchier
    • 1
  • Eric Luiijf
    • 1
  1. 1.TNODelftThe Netherlands

Personalised recommendations