Abstract
Since automotive IT is becoming more and more powerful, the IT-security in this domain is an evolving area of research. In this paper we focus on the relevance of the black box perspective in the context of threat analyses for automotive IT systems and discuss typical starting points and implications of respective attacks. We put a special focus on potential privacy issues, which we expect to be of increasing relevance in future automotive systems. To motivate appropriate provision for privacy protection in future cars we discuss potential scenarios of privacy violations. To underline the relevance even today, we further present a novel attack on a recent gateway ECU enabling an attacker to sniff arbitrary internal communication even beyond subnetwork borders.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Wolf, M., Weimerskirch, A., Wollinger, T.: State of the Art: Embedding Security in Vehicles. EURASIP Journal on Embedded Systems 2007, Article ID 74706, 16 (2007)
Büker, U., Schmidt, R., Fahreridentifikation, B.: Automotive Security, VDI-Berichte Nr. 2016. In: Proceedings of the 23. VDI/VW Gemeinschaftstagung Automotive Security, Wolfsburg, Germany, November 27-28. VDI-Verlag (2007)
Hoppe, T., Dittmann, J.: Vortäuschen von Komponentenfunktionalität im Automobil: Safety- und Komfort-Implikationen durch Security-Verletzungen am Beispiel des Airbags. In: Sicherheit 2008; Sicherheit - Schutz und Zuverlässigkeit, Saarbrücken, Germany (2008)
VUFO-Verkehrsunfallforschung an der TU Dresden GmbH(January 2009), http://www.verkehrsunfallforschung.de/
BOSCH CAN (January 2009), http://www.can.bosch.com/
Vector Informatik CANoe (January 2009), http://www.vector.com/vi_canoe_de.html
Hoppe, T., Kiltz, S., Dittmann, J.: IDS als zukünftige Ergänzung automotiver IT-Sicherheit. In: Horster, P. (ed.) DACH Security 2008; Bestandsaufnahme, Konzepte, Anwendungen, Perspektiven; Syssec (2008)
Weyl, B.: Secure and Privacy-Preserving Car-to-X Applications: C2C-CC Baseline Concepts, escar – Embedded Security In Cars, Munich, Germany, November 6-7 (2007)
Wolf, M., Weimerskirch, A., Paar, C.: Sicherheit in automobilen Bussystemen, Automotive - Safety & Security 2004, Oktober 6-7. Universität Stuttgart (2004)
BMW Teleservice Diagnosis and Help (Teleservice of the BMW Connected Drive system) (January 2009), http://www.bmw.com/com/en/insights/technology/connecteddrive/bmw_teleservices_2.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hoppe, T., Kiltz, S., Dittmann, J. (2009). Automotive IT-Security as a Challenge: Basic Attacks from the Black Box Perspective on the Example of Privacy Threats. In: Buth, B., Rabe, G., Seyfarth, T. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2009. Lecture Notes in Computer Science, vol 5775. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04468-7_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-04468-7_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04467-0
Online ISBN: 978-3-642-04468-7
eBook Packages: Computer ScienceComputer Science (R0)