Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Hardware-based Secure Communication Module to Protect Internet Connected Vehicles
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2018 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Information technology has not only been a driving force of the car industries within the last couple of years but it even seems to be of growing importance for the unforeseeable future. The inclusion of information technology is accompanied with the promise of increased comfort and the prospect that future autonomous and connected cars will become a place to spend our time while being on the road. Thus, car manufacturers strive to equip their next-generation cars with wireless network interfaces (e.g. WiFi, BlueTooth and 3G/4G) and to provide various services based on that. The availability of a wireless interface enables, on the one hand remote maintenance services (such as Over-the-Air (OTA) software updates and OTA calibration) at the passengers convenience and a whole eco-system of smart services based on access to the Internet and car-to-car/infrastructure/road/smartphone communication. On the other hand, the availability of telemetry data is a big chance for the manufacturers to obtain data on the performance of their fleet under real-life conditions. However, at the same time, a bi-directional interface that is always connected to the Internet opens up the threat of adversarial intrusion and hacked vehicles, which are, in the worst case, remote-controlled by hackers, or even malware - transforming hacked cars into driving botnets. Therefore, the need arises to implement security features to guarantee the passengers safety while maintaining functionality and comfort. In 2015 two security researchers demonstrated their attack on an unmodified Jeep Cherokee, allowing them to remotely control critical components like the steering or even the breaks of the vehicle. Also other research groups have implemented remote attacks showing the weaknesses of today’s internet connected cars. To increase security of the communication link of such vehicles, this thesis focuses on the development of a hardware-based Secure Communication Module (SCM). Such a module should provide a secure way for communication over the Internet. As the vehicle’s first layer of defense it should work as a firewall as well as a gateway to the inner-vehicle network. Being exposed to the Internet, the operation system of the SCM also needs to be hardened. Additionally, the SCM should isolate the internal car network, preventing malicious control of in-vehicle components. After designing a security concept based on well-known security techniques an ARM Cortex-A9 board i ii running an adopted Linux was used as prototype of an vehicular SCM. A penetration test was performed by an external company, specialized in security audits. The prototype was rated to provide adequate security for connected cars against external attacks. Beside the security, also the functionality was evaluated. Therefore the newly developed SCM was integrated into a car and an OTA firmware update of an internal car component was successfully performed. In contrast to an equivalent update without the security module, the main difference was an increased latency because of the additional device. This cost of a bit slower connection for increased security was accepted for an prototype. Because security is a rather new topic in the automotive industry the main goal of this thesis is to show one approach how a secure communication link can be implemented for connected cars. This can be used as basis for further research and my contribute to more security in a highly connected world. Even though this work is written with the aspect of automotive security, many concepts can be also used in the rapidly growing Internet of Things (IoT) field.

Place, publisher, year, edition, pages
2018. , p. 70
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:ltu:diva-69265OAI: oai:DiVA.org:ltu-69265DiVA, id: diva2:1215785
External cooperation
AVL LIST GmbH
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Supervisors
Examiners
Note

Confidential theseis. See reference LTU-1954-2018

Available from: 2018-06-18 Created: 2018-06-09 Last updated: 2018-06-18Bibliographically approved

Open Access in DiVA

The full text will be freely available from 2021-06-15 11:50
Available from 2021-06-15 11:50

Search in DiVA

By author/editor
Schmoll, Andreas
By organisation
Department of Computer Science, Electrical and Space Engineering
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 38 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf