Skip to main content
SpringerLink
Log in

Creating a Secure Infrastructure for Wireless Diagnostics and Software Updates in Vehicles

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2008)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 5219))

Included in the following conference series:

Abstract

A set of guidelines for creating a secure infrastructure for wireless diagnostics and software updates in vehicles is presented. The guidelines are derived from a risk assessment for a wireless infrastructure. From the outcome of the risk assessment, a set of security requirements to counter the identified security risks were developed. The security requirements can be viewed as guidelines to support a secure implementation of the wireless infrastructure. Moreover, we discuss the importance of defining security policies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. See, W.-B.: Vehicle ECU Classification and Software Architectural Implications. Technical report, Feng Chia University, Taiwan (2006)

    Google Scholar 

  2. Miucic, R., Mahmud, S.M.: An In-Vehicle Distributed Technique for Remote Programming of Vehicles’ Embedded Software. Technical report, Electrical and Computer Engineering Department, Wayne State University, Detroit, MI 48202 USA (2005)

    Google Scholar 

  3. Nilsson, D.K., Larson, U.E., Jonsson, E.: Creating a Secure Infrastructure for Wireless Diagnostics and Software Updates in Vehicles. Technical report, Chalmers University of Technology, 2008:02 (2008)

    Google Scholar 

  4. Mahmud, S.M., Shanker, S., Hossain, I.: Secure Software Upload in an Intelligent Vehicle via Wireless Communication Links. In: Proceedings of IEEE Intelligent Vehicles Symposium, pp. 587–592 (2005)

    Google Scholar 

  5. Raya, M., Papadimitratos, P., Hubaux, J.-P.: Securing Vehicular Communications. IEEE Wireless Communications 13(5), 8–15 (2006)

    Article  Google Scholar 

  6. Shavit, M., Gryc, A., Miucic, R.: Firmware Update over the Air (FOTA) for Automotive Industry. Technical Report 2007-01-3523, SAE (2007)

    Google Scholar 

  7. Miucic, R., Mahmud, S.M.: Wireless Multicasting for Remote Software Upload in Vehicles with Realistic Vehicle Movement. Technical report, Electrical and Computer Engineering Department, Wayne State University, Detroit, MI 48202 USA (2005)

    Google Scholar 

  8. Parrillo, L.C.: Wireless motor vehicle diagnostic and software upgrade system. U.S. patent 5442553 (1995)

    Google Scholar 

  9. Lightner, B., Botrego, D., Myers, C., Lowrey, L.H.: Wireless diagnostic system and method for monitoring vehicles. U.S. patent 6636790 (2003)

    Google Scholar 

  10. Suman, M.J., Zeinstra, M.L.: Remote vehicle programming system. U.S. patent 5479157 (1995)

    Google Scholar 

  11. Chen, C.-H.: Vehicle security system having wireless function-programming capability. U.S. patent 6184779 (2001)

    Google Scholar 

  12. Wolf, M., Weimerskirch, A., Paar, C.: Security in Automotive Bus Systems. In: Workshop on Embedded IT-Security in Cars, Bochum, Germany (November 2004)

    Google Scholar 

  13. Raya, M., Hubaux, J.-P.: The Security of Vehicular Ad Hoc Networks. In: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 11–21. ACM Press, New York (2005)

    Chapter  Google Scholar 

  14. Dolev, D., Yao, A.C.: On the Security of Public Key Protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  15. Howard, J.D., Longstaff, T.A.: A Common Language for Computer Security Incidents (SAND98-8667) (1998), http://www.cert.org/research/taxonomy_988667.pdf

  16. Hui, J.: Deluge 2.0 - TinyOS Network Programming Manual (2005), http://www.cs.berkeley.edu/~jwhui/research/deluge/deluge-manual.pdf

  17. IEEE. 1609.2. Standard for Wireless Access in Vehicular Networks (2004)

    Google Scholar 

  18. Raya, M., Jungels, D., Papadimitratos, P., Aad, I., Hubaux, J.-P.: Certificate Revocation in Vehicular Networks. Technical report, Laboratory for computer Communications and Applications (LCA), EPFL, Switzerland, 2006. LCA-Report-2006-006.

    Google Scholar 

  19. US-CERT. Current Malware Threats and Mitigation Strategies (2005), http://www.us-cert.gov/reading_room/malware-threats-mitigation.pdf

  20. Nilsson, D.K., Larson, U.E.: Secure Firmware Updates over the Air in Intelligent Vehicles. In: Proceedings of the First IEEE Vehicular Networking & Applications Workshop (Vehi-Mobi), pp. 380–384 (2008)

    Google Scholar 

  21. Levi, A., Savas, E.: Performance Evaluation of Public-Key Cryptosystem Operations in WTLS Protocol. In: Proceedings of the Eighth IEEE International Symposium on Computers and Communications, pp. 1245–1250 (2003)

    Google Scholar 

  22. Network Working Group. The TLS Protocol Version 1.0 (1999)

    Google Scholar 

  23. Nilsson, D.K., Larson, U.E.: Conducting Forensic Investigations of Cyber Attacks on Automobile In-Vehicle Networks. In: Proceedings of the First ACM International Conference on Forensic Applications and Techniques in Telecommunications, Information and Multimedia (e-Forensics). ACM Press, New York (2008)

    Google Scholar 

  24. Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P), pp. 258–263 (2006)

    Google Scholar 

  25. Trusted Computing Group. Trusted Platform Module Specification (2003), https://www.trustedcomputinggroup.org/specs/TPM

  26. Nilsson, D.K., Larson, U.E., Jonsson, E.: Efficient In-Vehicle Delayed Data Authentication based on Compound Message Authentication Codes. In: Proceedings of the IEEE 68th Vehicular Technology Conference (VTC2008-Fall) (2008)

    Google Scholar 

  27. Deal, R.: Cisco Router Firewall Security. Cisco Press (2004)

    Google Scholar 

  28. Network Working Group. Stream Control Transmission Protocol (SCTP) Specification (2006)

    Google Scholar 

  29. Nilsson, D.K., Phung, P.H., Larson, U.E.: Vehicle ECU Classification Based on Safety-Security Characteristics. In: Proceedings of the 13th International Conference on Road Transport and Information Control (RTIC) (2008)

    Google Scholar 

  30. Hoppe, T., Dittman, J.: Sniffing/Replay Attacks on CAN Buses: A simulated attack on the electric window lift classified using an adapted CERT taxonomy. In: Proceedings of the 2nd Workshop on Embedded Systems Security (WESS), Salzburg, Austria (2007)

    Google Scholar 

  31. Nilsson, D.K., Larson, U.E.: Simulated Attacks on CAN Buses: Vehicle virus. In: Proceedings of the Fifth IASTED Asian Conference on Communication Systems and Networks (ASIACSN). ACTA Press (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Chalmers University of Technology, SE-412 96, Gothenburg, Sweden

    Dennis K. Nilsson, Ulf E. Larson & Erland Jonsson

Authors
  1. Dennis K. Nilsson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ulf E. Larson
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Erland Jonsson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing Science, Newcastle University, Claremont Tower, NE1 7RU, Newcastle upon Tyne, UK

    Michael D. Harrison

  2. Health Sciences Research Institute, University of Warwick, Coventry, CV4 7AL, UK

    Mark-Alexander Sujan

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Nilsson, D.K., Larson, U.E., Jonsson, E. (2008). Creating a Secure Infrastructure for Wireless Diagnostics and Software Updates in Vehicles. In: Harrison, M.D., Sujan, MA. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2008. Lecture Notes in Computer Science, vol 5219. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87698-4_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-87698-4_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-87697-7

  • Online ISBN: 978-3-540-87698-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation