Journal Title : International Journal of Modern Trends in Engineering and Science
Paper Title : EFFICIENT PROTOCOLS FOR SECURE FOTA IMPLEMENTATION ON VEHICLE NETWORKS
Volume 03 Issue 10 2016
ISSN no: 2348-3121
Page no: 14-18
Abstract – An upcoming trend for automotive manufacturers is to perform remote diagnostics and firmware updates Over The Air, which allows identifying hardware problems and correction of software flaws with minimal customer inconvenience. These procedures require that then previously isolated in-vehicle network permits external communication, which introduces a number of security risks, e.g., cyber attack threats. In this paper, we identify cyber attack threats and classify the electronic control units (ECUs) in the in-vehicle network to assist in determining which ones to protect and restrict access to. We divide the ECUs into five categories: power train, vehicle safety, comfort, infotainment, and telemetric. We then use four safety integrity levels to classify the ECU categories. Moreover, we define safety effect levels of security threats which are used to classify identified attacks in the remote diagnostics and firmware updates over the air procedures. The safety and security levels are combined to classify the ECU categories. From the results we conclude that ECU categories such as power train and vehicle safety require further protection prior to introducing remote connectivity. As a conclusion, we suggest that automotive manufacturers should emphasize security or restrict the remote diagnostics and firmware updates over the air procedures to certain ECUs.
Keywords— Remote diagnostics, Firmware update, Bootloader, Electronic Control unit (ECU)
- Almeida. L,Pedreiras.P, and Fonseca J.A.G, The FTT-CAN protocol: why and how. Industrial Electronics, IEEE Transactions on, vol.49, no.6, pp. 1189- 1201, 2014
- R. Anderson, F. Bergadano, B. Crispo, J.-H. Lee, C. Manifavas, and R. Needham. A new family of authentication protocols. SIGOPS Oper. Syst. Rev., 32:9–20, October 2013.
- H. K. Aslan. A hybrid scheme for multicast authentication over lossy networks. Computers & Security, 23(8):705 – 713, 2004
- H. Bar-El. Intra-vehicle information security framework. In Proceedingsof 9th Embedded Security in Cars Conference, ESCAR, September 2009.
- M. Barranco, J. Proenza, and L. Almeida. Quantitative comparison of the error-containment capabilities of a bus and a star topology in CAN networks. Industrial Electronics, IEEE Transactions on, 99, 2009.
- D. Berbecaru, L. Albertalli, and A. Lioy. The ForwardDiffSig schemefor multicast authentication. IEEE/ACM Transactions on Networking, 18:1855–1868, December 2010.