A Survey of Security and Privacy in Connected Vehicles [chapter]

Lotfi Ben Othmane, Harold Weffers, Mohd Murtadha Mohamad, Marko Wolf
2015 Wireless Sensor and Mobile Ad-Hoc Networks  
Electronic Control Units (ECUs) of a vehicle control the behavior of its devices-e.g., break and engine. They communicate through the in-vehicle network. Vehicles communicate with other vehicles and Road Side Units (RSUs) through Vehicular Ad-hoc Networks (VANets), with personal devices through Wireless Personal Area Networks (WPANs), and with service center systems through cellular networks. A vehicle that uses an external network, in addition to the in-vehicle network, is called connected
more » ... cle. A connected vehicle could benefit from smart mobility applications: applications that use information generated by vehicles, e.g., cooperative adaptive cruise control. However, connecting in-vehicle network, VANet, WPAN, and cellular network increases the count and complexity of threats to vehicles, which makes developing security and privacy solutions for connected vehicles more challenging. In this work we provide a taxonomy for security and privacy aspects of connected vehicle. The aspects are: security of communication links, data validity, security of devices, identity and liability, access control, and privacy of drivers and vehicles. We use the taxonomy to classify the main threats to connected vehicles, and existing solutions that address the threats. We also report about the (only) approach for verifying security and privacy architecture of connected vehicle that we found in the literature. The taxonomy and survey could be used by security architects to develop security solutions for smart mobility applications. office that receives and sends data to vehicles or RSUs in order to assist and provide services to drivers, vehicle owners, and the public community. Example of SCs are fleet management systems. The cellular network enables communications of devices that have wireless communication capabilities (e.g., mobile phones) with mobile and land phones (cf. [3]). Several applications; such as, cooperative adaptive cruise control, remote firmware update, e-call, and remote diagnostic of vehicles use the integration of the four networks of a connected vehicle (Subsection 2.2 describes several applications). These applications are called smart mobility applications: applications that use data collected from vehicles to improve the use of vehicles and the safety and comfort of drivers, and to rationalize the use of public infrastructure. A connected vehicle is a vehicle whose ECUs communicate through an in-vehicle network, and it communicates with neighboring vehicles and RSUs through VANets, with personal devices through WPAN, and with Service Providers (SPs) and SCs through cellular network. 5 A connected vehicle is equipped with an on-Board Unit (OBU): a device for communicating a vehicle with other entities through VANets, WPAN, cellular network, and routing messages to/from ECUs of the vehicle. 6 Connected vehicles enable the use of Intelligent Transportation Systems (ITSs). ITSs support the efficient and safely use of transport infrastructure and means (cars, trains, planes, ships) to facilitate the mobility of human and goods through the use of information and communication technologies [4] . 7 An attacker who aims to change the behavior of a unconnected vehicle needs to be able to physically access to its devices, or access to its communication bus, or be able to install malicious code in a device connected to the in-vehicle network. Vehicle manufacturers have overlooked security of vehicles [5] . There is a common assumption, by the vehicle manufacturers, that it is highly unlikely that potential attackers could acquire one of these capabilities. The assumption is not valid anymore because vehicles become connected to other vehicles, to personal devices, and to SCs. Connected vehicles offer more capabilities for the attacker to compose complex attacks. An attacker could connect to the in-vehicle network of a target connected vehicle without the need for any of the capabilities listed above. For example, an attacker who has remote access to ECUs of a target 5 We do not enumerate all (possible) communication mediums-e.g., satellite communication-for vehicles. Instead, we discuss the networks that are commonly used and reported (in the literature) to impact the security and privacy of vehicles. 6 An OBU in general-e.g., OBU dedicated to VANets-does not act as a gateway to the in-vehicle network. 7 Terms smart mobility and ITS are often considered similar in the literature. In this work, we use vehicle to refer to car and truck when we discuss smart mobility and all transport means when we discuss ITS.
doi:10.1007/978-1-4939-2468-4_10 fatcat:xchhqdpwrba45gduolr5fwcbcm