Testing and Evaluation to Improve Data Security of Automotive Embedded Systems

Examensarbete för masterexamen

Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.12380/219731
Download file(s):
File Description SizeFormat 
219731.pdfFulltext3.46 MBAdobe PDFView/Open
Type: Examensarbete för masterexamen
Master Thesis
Title: Testing and Evaluation to Improve Data Security of Automotive Embedded Systems
Authors: Weschke, Johannes
Hesslund, Filip
Abstract: In the last two decades, the number of electronic control units (ECUs) in vehicles has increased dramatically. This has resulted in an increased complexity of the vehicles electrical and electronic systems. Electrical and electronic systems have gone from just controlling the engine to controlling every part of the vehicle, from the infotainment system to safety-critical systems. To allow for better collaboration between players in the automotive industry, a development partnership called AUTOSAR has emerged. Included in AUTOSAR is a module handling diagnostics (DCM). The module can be used to read data and change parameters in the ECUs and in the ECU software, since the DCM can access con dential information about the vehicle and modify running software of the ECU, for example the software controlling the engine, it is an attractive target for adversaries. There has been no published research about the security of the DCM module of the AUTOSAR software architecture (that we know of) and how the safety of the passengers can be a ected in the case of a security breach. This thesis tries to ll this research gap by conducting a threat analysis and risk assessment for the DCM module inside AUTOSAR. This thesis evaluates the security of an ECU assumed to control the engine of a vehicle and how possible consequences of an intrusion can a ect the overall safety. It also presents a number of tests used to evaluate the threats and risks found. The tests done targets threats regarding denial of service, tampering, and information disclosure. The thesis is concluded with proposing countermeasures for the threats and risks.
Keywords: Data- och informationsvetenskap;Informations- och kommunikationsteknik;Computer and Information Science;Information & Communication Technology
Issue Date: 2015
Publisher: Chalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)
Chalmers University of Technology / Department of Computer Science and Engineering (Chalmers)
URI: https://hdl.handle.net/20.500.12380/219731
Collection:Examensarbeten för masterexamen // Master Theses

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.