Abstract
Wireless vehicle diagnostics is expected to provide great improvements to the maintenance of future cars. By using certificates, vehicles can identify diagnostics equipment for a diagnostics session, even over long distances. However, since the diagnostics equipment contains authentication keys used to authenticate such sessions, it is critical that neither the keys nor the equipment is lost. Such a loss can give unauthorised access to any vehicle accepting these keys until the theft is detected and the certificates are revoked. In this paper, we propose a method to protect vehicles against unauthorised diagnostics sessions. A trusted third party is introduced to authorise sessions, thus we do not rely solely on proper identification and authentication of diagnostics equipment. Our approach enables vehicles to verify the validity of diagnostics requests. It is transparent to the diagnostics protocol being used, supports different levels of trust, and can control what commands are permitted during diagnostics sessions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Dressler, F., Kargl, F., Ott, J., Tonguz, O., Wischhof, L.: Research Challenges in Intervehicular Communication: Lessons of the 2010 Dagstuhl Seminar. IEEE Communications Magazine 49(5), 158–164 (2011)
Kleberger, P., Olovsson, T., Jonsson, E.: An In-Depth Analysis of the Security of the Connected Repair Shop. In: Proc. of the Seventh International Conference on Systems and Networks Communications (ICSNC 2012), November 18-23, pp. 99–107. IARIA, Lisbon (2012)
Kelling, E., Friedewald, M., Leimbach, T., Menzel, M., Säger, P., Seudié, H., Weyl, B.: Specification and evaluation of e-security relevant use cases. EVITA Project, Deliverable D2.1, v1.2. (December 30, 2009)
ETSI: Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Definitions. Technical Report TR 102 638, v1.1.1, ETSI, 650 Route des Lucioles, F-06921 Sophia Antipolis Cedex, France (June 2009)
Idrees, M.S., Schweppe, H., Roudier, Y., Wolf, M., Scheuermann, D., Henniger, O.: Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates. In: Strang, T., Festag, A., Vinel, A., Mehmood, R., Rico Garcia, C., Röckl, M. (eds.) Nets4Trains/Nets4Cars 2011. LNCS, vol. 6596, pp. 224–238. Springer, Heidelberg (2011)
Mahmud, S.M., Shanker, S., Hossain, I.: Secure Software Upload in an Intelligent Vehicle via Wireless Communication Links. In: Proc. of the IEEE Intelligent Vehicles Symposium, pp. 588–593 (2005)
Hossain, I., Mahmud, S.M.: Secure Multicast Protocol for Remote Software Upload in Intelligent Vehicles. In: Proc. of the 5th Ann. Intel. Vehicle Systems Symp. of National Defense Industries Association (NDIA), Traverse City, MI, National Automotive Center and Vectronics Technology, June 13-16, pp. 145–155 (2005)
Nilsson, D.K., Larson, U.E.: Secure Firmware Updates over the Air in Intelligent Vehicles. In: Proc. IEEE International Conference on Communications Workshops (ICC Workshops)., May 19-23, pp. 380–384 (2008)
Nilsson, D.K., Larson, U.E., Jonsson, E.: Creating a Secure Infrastructure for Wireless Diagnostics and Software Updates in Vehicles. In: Harrison, M.D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 207–220. Springer, Heidelberg (2008)
Moustafa, H., Bourdon, G., Gourhant, Y.: Providing Authentication and Access Control in Vehicular Network Environment. In: Fischer-Hübner, S., Rannenberg, K., Yngström, L., Lindskog, S. (eds.) Security and Privacy in Dynamic Environments. IFIP, vol. 201, pp. 62–73. Springer, Boston (2006)
Coronado, E., Cherkaoui, S.: A secure service architecture to support wireless vehicular networks. International Journal of Autonomous and Adaptive Communications Systems 3(2), 136–158 (2010)
Casola, V., Luna, J., Mazzeo, A., Medina, M., Rak, M., Serna, J.: An interoperability system for authentication and authorisation in VANETs. International Journal of Autonomous and Adaptive Communications Systems 3(2), 115–135 (2010)
Rigney, C., Willens, S., Rubens, A., Simpson, W.: RFC 2865: Remote Authentication Dial In User Service (RADIUS) (June 2000)
Steiner, J., Neuman, C., Schiller, J.: Kerberos: An authentication service for open network systems. In: Usenix Conference Proceedings, vol. 191, p. 202 (1988)
Hill, J.: An Analysis of the RADIUS Authentication Protocol (November 24, 2001), http://www.untruth.org/~josh/security/radius/radius-auth.html . (verified June 6, 2013)
Howard, J.D., Longstaff, T.A.: A Common Language for Computer Security Incidents. (Sandia Report: SAND98-8667) (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kleberger, P., Olovsson, T. (2013). Protecting Vehicles Against Unauthorised Diagnostics Sessions Using Trusted Third Parties. In: Bitsch, F., Guiochet, J., Kaâniche, M. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2013. Lecture Notes in Computer Science, vol 8153. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40793-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-40793-2_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40792-5
Online ISBN: 978-3-642-40793-2
eBook Packages: Computer ScienceComputer Science (R0)