More Web Proxy on the site http://driver.im/

research-article

On authentication in a connected vehicle: secure integration of mobile devices with vehicular networks

Authors:

Swapna Divya Potluri,

Kang G. ShinAuthors Info & Claims

ICCPS '13: Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems

Pages 160 - 169

https://doi.org/10.1145/2502524.2502546

Published: 08 April 2013 Publication History

Abstract

Recent advances in in-vehicle technologies have paved way to a new era of connectivity. Vehicle manufacturers have already deployed various technologies for driving assistance, anti-theft, and infotainment. They are now developing ways to interface mobile devices with vehicles and provide the customer's smartphone or tablet the ability to send/receive information to/from the car. However, such an integration introduces severe security risks to the vehicle. The in-vehicle network was originally designed to operate in a closed environment and thus, security was not of concern. It has now become an important issue due to an increasing number of external interfaces to the in-vehicle network. Several studies have already shown that an in-vehicle network can be easily compromised just by connecting cheap commercial devices and doing reverse engineering. Although research efforts have been made to secure in-vehicle networks, most of them focused on defining security requirements, or presenting attack scenarios without providing any feasible solution. Also, to the best of our knowledge, there hasn't been any study with a specific focus on understanding and analyzing the security aspects of integrating mobile devices with cars. In this paper, we define the integration model, present the attack scenarios, define the security objectives, and then propose a 3-step verification mechanism that meets our objectives.

References

[1]

AUTOSAR. Automotive Open System Architecture.

[2]

M. Chavez, C. Rosete, and F. Henriquez. Achieving Confidentiality Security Service for CAN. In Electronics, Communications and Computers, 2005. CONIELECOMP 2005. Proceedings. 15th International Conference on, pages 166--170, 2005.

Digital Library

[3]

S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno. Comprehensive experimental analyses of automotive attack surfaces. In SEC'11: Proceedings of the 20th USENIX conference on Security, pages 1--16. USENIX Association, Aug. 2011.

Digital Library

[4]

M. Dworkin. NIST SP 800--38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. Technical report, NIST, May 2005.

Digital Library

[5]

A. Elouafiq. Authentication and Encryption in GSM and 3GUMTS: An Emphasis on Protocols and Algorithms. arXiv.org, cs.CR, Apr. 2012.

[6]

EVITA. E-safety vehicle intrusion protected applications. EVITA Consortium.

[7]

Ford Motors. Inc. The openxc platform. http://openxcplatform, 2013.

[8]

B. Groza and P.-S. Murvay. Broadcast Authentication in a Low Speed Controller Area Network. revised postproceedings version of the paper presented at SECRYPT'11, to appear in e-Business and Telecommunications, Springer CCIS, pages 1--16, Feb. 2012.

[9]

K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage. Experimental Security Analysis of a Modern Automobile. Security and Privacy (SP), 2010 IEEE Symposium on, pages 447--462, 2010.

Digital Library

[10]

D. Nilsson, U. Larson, and E. Jonsson. Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes. In Vehicular Technology Conference, 2008. VTC 2008--Fall. IEEE 68th, pages 1--5, 2008.

[11]

D. K. Nilsson, U. E. Larson, F. Picasso, and E. Jonsson. A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay. Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS'08, pages 1--8, Sept. 2008.

[12]

T. Nolte, H. Hansson, and C. Norstrom. Probabilistic worst-case response-time analysis for the controller area network. In Real-Time and Embedded Technology and Applications Symposium, 2003. Proceedings. The 9th IEEE, pages 200--207. IEEE Computer Society, 2003.

Digital Library

[13]

H. Schweppe, Y. Roudier, B. Weyl, L. Apvrille, and D. Scheuermann. Car2X Communication: Securing the Last Meter. WIVEC 2011, 4th IEEE International Symposium on Wireless Vehicular Communications, 5--6 September 2011, San Francisco, CA, United States, pages 1--5, June 2011.

[14]

R. VandenBrink. Dude, your car is pwned! SANSFIRE 2012, Washington, DC, Jul 6th - 15th 2012.

[15]

M. Wolf, A. Weimerskirch, and C. Paar. Security in Automotive Bus Systems. in: Proceedings of the Workshop on Embedded Security in Cars (escar)'04, pages 1--13, 2004.

Cited By

Stammler MSchade FBecker J(2024)Automated Polyhedron-based TDMA Schedule Design for Predictable Mixed-Criticality MPSoCs2024 27th Euromicro Conference on Digital System Design (DSD)10.1109/DSD64264.2024.00060(403-409)Online publication date: 28-Aug-2024
https://doi.org/10.1109/DSD64264.2024.00060
Carrillo-Torres DPérez-Díaz JCantoral-Ceballos JVargas-Rosales C(2023)A Novel Multi-Factor Authentication Algorithm Based on Image Recognition and User Established RelationsApplied Sciences10.3390/app1303137413:3(1374)Online publication date: 20-Jan-2023
https://doi.org/10.3390/app13031374
Lampe BMeng W(2023) Intrusion Detection in the Automotive Domain: A Comprehensive Review IEEE Communications Surveys & Tutorials10.1109/COMST.2023.330986425:4(2356-2426)Online publication date: Dec-2024
https://doi.org/10.1109/COMST.2023.3309864
Show More Cited By

Index Terms

On authentication in a connected vehicle: secure integration of mobile devices with vehicular networks

Recommendations

Global revocation for the intersection collision warning safety application
VANET '12: Proceedings of the ninth ACM international workshop on Vehicular inter-networking, systems, and applications

Identifying and removing malicious insiders from a network is a topic of active research. Vehicular ad hoc networks (VANETs) may suffer from insider attacks; that is, an attacker may use authorized vehicles to attack other vehicles. Specifically, ...
V2V Communication and Authentication: The Internet of Things Vehicles(Iotv)
Abstract
In this work concentrated confirmation security among the V2V correspondence. The paper anticipates an effectual RTSP protocol that combines the Internet of things, cloud with specialist innovation into one stage where it manages secure ...
A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN
Vehicle-IT convergence technology is a rapidly rising paradigm of modern vehicles, in which an electronic control unit (ECU) is used to control the vehicle electrical systems, and the controller area network (CAN), an in-vehicle network, is commonly used ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICCPS '13: Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems

April 2013

278 pages

ISBN:9781450319966

DOI:10.1145/2502524

General Chair:
Chenyang Lu
Washington University
,
Program Chairs:
P. R. Kumar
Texas A&M University
,
R. Stoleru
Texas A&M University

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

IEEE-CS\TCRT: TC on Real-Time Systems
SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ICCPS '13

Sponsor:

IEEE-CS\TCRT
SIGBED

ICCPS '13: ACM/IEEE 4th International Conference on Cyber-Physical Systems

April 8 - 11, 2013

Pennsylvania, Philadelphia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

34
Total Citations
View Citations
461
Total Downloads

Downloads (Last 12 months)32
Downloads (Last 6 weeks)1

Reflects downloads up to 15 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Stammler MSchade FBecker J(2024)Automated Polyhedron-based TDMA Schedule Design for Predictable Mixed-Criticality MPSoCs2024 27th Euromicro Conference on Digital System Design (DSD)10.1109/DSD64264.2024.00060(403-409)Online publication date: 28-Aug-2024
https://doi.org/10.1109/DSD64264.2024.00060
Carrillo-Torres DPérez-Díaz JCantoral-Ceballos JVargas-Rosales C(2023)A Novel Multi-Factor Authentication Algorithm Based on Image Recognition and User Established RelationsApplied Sciences10.3390/app1303137413:3(1374)Online publication date: 20-Jan-2023
https://doi.org/10.3390/app13031374
Lampe BMeng W(2023) Intrusion Detection in the Automotive Domain: A Comprehensive Review IEEE Communications Surveys & Tutorials10.1109/COMST.2023.330986425:4(2356-2426)Online publication date: Dec-2024
https://doi.org/10.1109/COMST.2023.3309864
Wang ZWei HWang JZeng XChang Y(2022)Security Issues and Solutions for Connected and Autonomous Vehicles in a Sustainable City: A SurveySustainability10.3390/su14191240914:19(12409)Online publication date: 29-Sep-2022
https://doi.org/10.3390/su141912409
Kang LShen H(2022)Detection and Mitigation of Sensor and CAN Bus Attacks in Vehicle Anti-Lock Braking SystemsACM Transactions on Cyber-Physical Systems10.1145/34955346:1(1-24)Online publication date: 6-Jan-2022
https://dl.acm.org/doi/10.1145/3495534
Rezazadeh Baee MSimpson LBoyen XFoo EPieprzyk J(2021)Authentication strategies in vehicular communications: a taxonomy and frameworkEURASIP Journal on Wireless Communications and Networking10.1186/s13638-021-01968-62021:1Online publication date: 21-May-2021
https://doi.org/10.1186/s13638-021-01968-6
RezazadehBaee MSimpson LBoyen XFoo EPieprzyk J(2021)A Model to Evaluate Reliability of Authentication Protocols in C-ITS Safety-Critical ApplicationsIEEE Transactions on Vehicular Technology10.1109/TVT.2021.309708870:9(9306-9319)Online publication date: Sep-2021
https://doi.org/10.1109/TVT.2021.3097088
El-Gleel MEl-Zawawi AEl-Habrouk M(2021)Secure Lightweight CAN Protocol Handling Message Loss for Electric Vehicles2021 International Conference on Communication, Control and Information Sciences (ICCISc)10.1109/ICCISc52257.2021.9484927(1-6)Online publication date: 16-Jun-2021
https://doi.org/10.1109/ICCISc52257.2021.9484927
Terzi SSavvaidis CSersemis AVotis KTzovaras D(2021)Decentralizing Identity Management and Vehicle Rights Delegation through Self-Sovereign Identities and Blockchain2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC51774.2021.00168(1217-1223)Online publication date: Jul-2021
https://doi.org/10.1109/COMPSAC51774.2021.00168
Xu WZhou HShen XXu WZhou HShen X(2021)Introduction of Internet Access of Vehicular NetworksInternet Access in Vehicular Networks10.1007/978-3-030-88991-3_1(1-12)Online publication date: 25-Sep-2021
https://doi.org/10.1007/978-3-030-88991-3_1
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents