research-article

Future cars: necessity for an adaptive and distributed multiple independent levels of security architecture

Authors:

Alexander Georg Camek,

Christian Buckl,

Alois KnollAuthors Info & Claims

HiCoNS '13: Proceedings of the 2nd ACM international conference on High confidence networked systems

Pages 17 - 24

https://doi.org/10.1145/2461446.2461450

Published: 09 April 2013 Publication History

Abstract

Current automotive systems contain security solutions provided as singular solutions. Security mechanisms are implemented for each automotive function individually. This individual security design leads to several problems: combining several functions that are for its own secure may not result in a secure system. Furthermore, the combination of functions might also lead to situations, where mechanisms erroneously detect a security threat. This paper argues that new features, such as Car-2-Car communication or autonomous driving, will result in new information and communication technology (ICT) architectures of cars. The paper will outline basic properties of this architecture and summarize resulting security threads. We will argue that security needs to be treated in a holistic way and that the design must be suitable for adaptive, multiple independent levels of security (MILS) architecture.

References

[1]

AUTomotive Open System ARchitecture (AUTOSAR) Release 4.0.

[2]

J. Alves-Foss, W. S. Harrison, P. Oman, and C. Taylor. The mils architecture for high-assurance embedded systems. International Journal of Embedded Systems, 2:239--247, 2006.

[3]

R. J. Anderson. What we can learn from api security. In B. Christianson, B. Crispo, J. A. Malcolm, and M. Roe, editors, Security Protocols Workshop, volume 3364 of Lecture Notes in Computer Science, pages 288--300. Springer, 2003.

Digital Library

[4]

R. J. Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley computer publishing. Wiley, 2nd edition edition, 2008.

Digital Library

[5]

M. Bernhard, C. Buckl, V. Döricht, M. Fehling, L. Fiege, H. von Grolman, N. Ivandic, C. Janelle, C. Klein, K.-J. Kuhn, C. Patzlaff, B. Riedl, B. Schatz, and C. Stanek. The Software Car: Information and Communication Technology (ICT) as an Engine for the Electromobility of the Future, Summary of results of the "eCar ICT System Architecture for Electromobility" research project sponsored by the Federal Ministry of Economics and Technology. ForTISS GmbH, March 2011.

[6]

R. Bless, G. Grotewold, C. Haas, B. Hackstein, S. Hofmann, A. Jentzsch, A. Kiening, C. Krauß, J. Lamberty, M. Müter, P. Schoo, L. Völker, and C. Werle. A security model for future vehicular electronic infrastructures. In 8th Embedded Security in Cars (escar), 2010.

[7]

S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno. Comprehensive experimental analyses of automotive attack surfaces. In Proceedings of the 20th USENIX conference on Security, SEC'11, pages 6--6, Berkeley, CA, USA, 2011. USENIX Association.

Digital Library

[8]

J. R. Douceur. The sybil attack. In Revised Papers from the First International Workshop on Peer-to-Peer Systems, IPTPS '01, pages 251--260, London, UK, UK, 2002. Springer-Verlag.

Digital Library

[9]

T. Hoppe, S. Kiltz, and J. Dittmann. Security threats to automotive can networks -- practical examples and selected short-term countermeasures. In Proceedings of the 27th international conference on Computer Safety, Reliability, and Security, SAFECOMP '08, pages 235--248, Berlin, Heidelberg, 2008. Springer-Verlag.

Digital Library

[10]

J. D. Howard and T. A. Longstaff. A Common Language for Computer Security Incidents. Samdia Report SAND98--8667, Sandia National Laboratories, Albuquerque, New Mexico 87185 and Livermore, California 94550, October 1998.

[11]

M. S. Idrees, H. Schweppe, Y. Roudier, M. Wolf, D. Scheuermann, and O. Henniger. Secure automotive on-board protocols: a case of over-the-air firmware updates. In Proceedings of the Third international conference on Communication technologies for vehicles, Nets4Cars/Nets4Trains'11, pages 224--238, Berlin, Heidelberg, 2011. Springer-Verlag.

Digital Library

[12]

K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage. Experimental security analysis of a modern automobile. In Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP '10, pages 447--462, Washington, DC, USA, 2010. IEEE Computer Society.

Digital Library

[13]

B. W. Lampson. A note on the confinement problem. Commun. ACM, 16(10):613--615, Oct. 1973.

Digital Library

[14]

N. Mead, E. Hough, and T. S. II. Security Quality Requirements Engineering. Technical Report Carnegie Mellon University/SEI-2005-TR-009, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, 2005.

[15]

T. Nash. An undirected attack against critical infrastructure a case study for improving your control system security. US-Cert Control Systems Security Center, 1.2, 2005.

[16]

C. Paar, K. Schramm, A. Weimerskirch, and W. Burleson. Securing green cars: It security in next-generation electric vehicle systems.

[17]

G. J. Pottie and W. J. Kaiser. Principles of Embedded Networked Systems Design. Cambridge University Press, New York, NY, USA, 1st edition, 2009.

Digital Library

[18]

J. M. Rushby. Design and verification of secure systems. In Proceedings of the eighth ACM symposium on Operating systems principles, SOSP '81, pages 12--21, New York, NY, USA, 1981. ACM.

Digital Library

[19]

G. Silberg and R. Wallace. Self-driving cars: The next revolution. Technical report, KPMG, 2012.

[20]

M. Wolf and T. Gendrullis. Design, implementation, and evaluation of a vehicular hardware security module. In Proceedings of the 14th international conference on Information Security and Cryptology, ICISC'11, pages 302--318, Berlin, Heidelberg, 2012. Springer-Verlag.

Digital Library

[21]

W. Xu, K. Ma, W. Trappe, and Y. Zhang. Jamming sensor networks: attack and defense strategies. Network, IEEE, 20(3):41--47, may-june 2006.

Digital Library

Cited By

DEMİR EKAYMAZ HYILDIZ İ(2023)Remote Maintenance and Software Update Methods for Connected VehiclesBalkan Journal of Electrical and Computer Engineering10.17694/bajece.128591911:3(232-238)Online publication date: 21-Aug-2023
https://doi.org/10.17694/bajece.1285919
Hamad MPrevelakis V(2020)SAVTA: A Hybrid Vehicular Threat Model: Overview and Case StudyInformation10.3390/info1105027311:5(273)Online publication date: 19-May-2020
https://doi.org/10.3390/info11050273
Silva EAraujo-Filho PCampelo D(2018)Experimental Evaluation of Cryptography Overhead in Automotive Safety-Critical Communication2018 IEEE 87th Vehicular Technology Conference (VTC Spring)10.1109/VTCSpring.2018.8417610(1-5)Online publication date: Jun-2018
https://doi.org/10.1109/VTCSpring.2018.8417610
Show More Cited By

Index Terms

Future cars: necessity for an adaptive and distributed multiple independent levels of security architecture

Recommendations

Future perspectives: the car and its IP-address - a potential safety and security risk assessment
SAFECOMP'07: Proceedings of the 26th international conference on Computer Safety, Reliability, and Security

The fast growing Internet technology has affected many areas of human life. As it offers a convenient and widely accepted approach for communication and service distribution it is expected to continue its influence to future system design. Motivated ...
Connected Vehicle: Monitor Automotive Embedded Systems via IoT Protocol UI
ICACR 2019: Proceedings of the 2019 3rd International Conference on Automation, Control and Robots

The Internet of Things (IoT) is a network of smart objects which are embedded with sensors, microcontrollers, communication protocols, and software, which helps these smart objects to share or exchange the data remotely. The Machine-to-Machine ...
A Survey on 6LoWPAN Security for IoT: Taxonomy, Architecture, and Future Directions
Abstract
Provisioning security to the communications, data, and partaking things in resource-constrained IoT is a huge challenge. Due to the scalability and interoperability among low power-consuming networks, 6LoWPAN is used widely in IoT. However, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

HiCoNS '13: Proceedings of the 2nd ACM international conference on High confidence networked systems

April 2013

152 pages

ISBN:9781450319614

DOI:10.1145/2461446

General Chairs:
S. Shankar Sastry
University of California, Berkeley, USA
,
Tamer Başar
University of Illinois at Urbana-Champaign, USA
,
Program Chairs:
Linda Bushnell
University of Washington, USA
,
Larry Rohrbough
University of California, Berkeley, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

HiCoNS '13

Sponsor:

SIGBED

HiCoNS '13: 2nd ACM International Conference on High Confidence Networked Systems

April 9 - 11, 2013

Pennsylvania, Philadelphia, USA

Acceptance Rates

HiCoNS '13 Paper Acceptance Rate 18 of 37 submissions, 49%;

Overall Acceptance Rate 30 of 55 submissions, 55%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
519
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)1

Reflects downloads up to 30 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

DEMİR EKAYMAZ HYILDIZ İ(2023)Remote Maintenance and Software Update Methods for Connected VehiclesBalkan Journal of Electrical and Computer Engineering10.17694/bajece.128591911:3(232-238)Online publication date: 21-Aug-2023
https://doi.org/10.17694/bajece.1285919
Hamad MPrevelakis V(2020)SAVTA: A Hybrid Vehicular Threat Model: Overview and Case StudyInformation10.3390/info1105027311:5(273)Online publication date: 19-May-2020
https://doi.org/10.3390/info11050273
Silva EAraujo-Filho PCampelo D(2018)Experimental Evaluation of Cryptography Overhead in Automotive Safety-Critical Communication2018 IEEE 87th Vehicular Technology Conference (VTC Spring)10.1109/VTCSpring.2018.8417610(1-5)Online publication date: Jun-2018
https://doi.org/10.1109/VTCSpring.2018.8417610
Okul ŞAydin MKeleş F(2018)Security Problems and Attacks on Smart CarsInternational Telecommunications Conference10.1007/978-981-13-0408-8_17(203-213)Online publication date: 6-Jul-2018
https://doi.org/10.1007/978-981-13-0408-8_17
Nawrath TFischer DMarkscheffel B(2016)Privacy-sensitive data in connected cars2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)10.1109/ICITST.2016.7856736(392-393)Online publication date: Dec-2016
https://doi.org/10.1109/ICITST.2016.7856736
Chong SMeyden R(2015)Using Architecture to Reason about Information SecurityACM Transactions on Information and System Security10.1145/282994918:2(1-30)Online publication date: 9-Dec-2015
https://dl.acm.org/doi/10.1145/2829949
Seifert SObermaisser R(2014)Secure automotive gateway — Secure communication for future cars2014 12th IEEE International Conference on Industrial Informatics (INDIN)10.1109/INDIN.2014.6945510(213-220)Online publication date: Jul-2014
https://doi.org/10.1109/INDIN.2014.6945510
Hanspach MKeller J(2013)In Guards We TrustProceedings of the 2013 International Conference on Social Computing10.1109/SocialCom.2013.87(578-585)Online publication date: 8-Sep-2013
https://dl.acm.org/doi/10.1109/SocialCom.2013.87

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents