Automotive Embedded Systems Applications and Platform Embedded Security Requirements

  • Jan PelzlEmail author
  • Marko Wolf
  • Thomas Wollinger


Contemporary security solutions in the automotive domain usually have been implemented only in particular applications such as electronic immobilizers, access control, secure flashing, and secure activation of functions or protection of mileage counter. With cars, which become increasingly smart, automotive security will play a crucial role for the reliability and trustworthiness of modern automotive systems. In this chapter, we will introduce the topic of automotive security and provide motivation for security in embedded automotive platforms.


Smart Card Security Mechanism Universal Mobile Telecommunication System Controller Area Network Electronic Control Unit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    K. Finkenzeller, RFID Handbook: Radio-Frequency identification fundamentals and applications, Wiley, 1999.Google Scholar
  2. 2.
    European Technical Standards Institute (ETSI),
  3. 3.
    M. Mouly, M-B Pautet, The GSM System for Mobile Communications, Cell & Sys. Correspondence 1992.Google Scholar
  4. 4.
    Third Generation Partnership project (3GPP),
  5. 5.
    ETSI SAGE Group (originally), 3G Security; Specification of the MILENAGE algorithm set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 1: General, 3GPP TS 35.205.Google Scholar
  6. 6.
    Security Algorithms Group of Experts (SAGE),
  7. 7.
    NIST, Advanced Encryption Standard, FIPS 197, 2001,
  8. 8.
    3GPP, Specification of the SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface (Release 1999) 3GPP TS 11.14 V8.18.0, 2007–06.Google Scholar
  9. 9.
    The Java Card Forum
  10. 10.
    3GPP, Security mechanisms for the (U)SIM application toolkit; Stage 2 (Release 5) TS 23.048 V5.9.0, 2005–06.Google Scholar
  11. 11.
    GlobalPlatform, GlobalPlatform Card Specification, 2006.Google Scholar
  12. 12.
    3GPP, Specification of the Subscriber Identity Module -Mobile Equipment (SIM - ME) interface (Release 1999) TS 11.11 V8.14.0 (2007–06).Google Scholar
  13. 13.
    International Standard Organisation, “ISO/IEC 7816, Information technology - Identification cards - Integrated circuit(s) cards with contacts- Part 4 Interindustry commands for interchange”,, 1995
  14. 14.
    David Wagner and Ian Goldberg, “GSM Cloning”, ISAAC Berkley,, 1998
  15. 15.
    Anderson Ross, Kuhn Markus, “Tamper resistance - a cautionary note ”, second USENIX workshop on electronic Commerce Nov 1996.Google Scholar
  16. 16.
    Paul Kocher, “Timing Attacks on Implementations of Diffie-Hellman RSA DSS and Other Systems”, Advances in Cryptology - CRYPTO ’96, LNCS 1109, 104–113, 1996.Google Scholar
  17. 17.
    Paul Kocher, Joshua Jaffe and Benjamin Jun,“Differntial Power Analysis, Advances in Cryptology - CRYPTO ’99, LNCS1666, 388–397, 1999.Google Scholar
  18. 18.
    E. Biham, A. Shamir, “Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology”, Vol. 4 No. 1, 1991.Google Scholar
  19. 19.
    Kumar Sandeep et al, “How to break DES for €8,980 ”, CHES 2006,
  20. 20.
    Eli Biham, Adi Shamir, “Differential Fault Analusis of Secret Key Cryptosystems”, Technicon Computer science dept - Technical report CS0910.revised, 1997.Google Scholar
  21. 21.
    Tiago Alves and Don Felton. TrustZone: Integrated hardware and software security: Enabling trusted computing in embedded systems., July 2004.Google Scholar
  22. 22.
    Mayes Keith and Markantonakis Konstantinos, On the potential of high density smart cards, Elsevier, Information Security Technical Report Vol11 No3 2006.Google Scholar
  23. 23.
    Universal Serial Bus (USB) Forum,
  24. 24.
    Etsi, SCP Group, SCP Specifications,
  25. 25.
    Near Field Communication (NFC) Forum
  26. 26.
    GSM Association,
  27. 27.
    Trusted Computing Group,
  28. 28.
    TCG. TCG Specification Architecture Overview. Trusted Computing Group, 1.2 edition, April 2004.Google Scholar
  29. 29.
    R. L. Rivest, A. Shamir, L. M. Adelman. A method for obtaining digital signatures and public key cryptosystems. Technical, Report MIT/LCS/TM-82, 1977.Google Scholar
  30. 30.
    National Institute of Standards. Secure hash standard. Federal Information Processing Standards (FIPS) 180–1, 1995.Google Scholar
  31. 31.
    ISO/IEC. ISO/IEC 10118–3 Information technology - Security techniques - Hash-functions - Part 3: Dedicated hash-functions. International Organization for Standardization,, 2004
  32. 32.
    Berk Sunar, William J. Martin, and Douglas R. Stinson. A provably secure true random number generator with built-in tolerance to active attacks. IEEE Transactions on Computers, 56(1):109–119, 2007.CrossRefMathSciNetGoogle Scholar
  33. 33.
    C J Mitchell, editor. Trusted Computing. IEE Press, 2005.Google Scholar
  34. 34.
    Roger L. Kay. How to implement trusted computing, a guide to tighter enterprise security. Endpoint Technologies Associates
  35. 35.
  36. 36.
    Trusted Computing Group. Embedded systems and trusted computing security.
  37. 37.
    International Organization for Standardization. ISO/IEC 15408: Information Technology- Security Techniques- Evaluation Criteria for IT, Security, 1999.Google Scholar
  38. 38.
    Trusted Computer Group, Mobile Trusted Module Specification 1.0. June 2007.Google Scholar
  39. 39.
    Trusted Computing Group. Mobile Trusted Module Specification faq - general overview., June 2007.Google Scholar
  40. 40.
    Mobile Phone Working Group. Use case scenarios v 2.7., 2005.
  41. 41.
    DELL. Securing network-based client computing: User and machine security. Dell’s Technology White Papers, 2004.Google Scholar
  42. 42.
    Eimear Gallery, “Trusted computing technologies and their use in the provision of high assurance SDR platforms”, SDR Technical Conference, Orlando, USA, 13–17 November, 2006.Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  1. 1.ESCRYPT GmbHEmbedded SecurityBochumGermany

Personalised recommendations