On the road with third-party apps - Security, safety and privacy aspects of in-vehicle apps

Examensarbete för masterexamen

Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.12380/255949
Download file(s):
File Description SizeFormat 
255949.pdfFulltext838.22 kBAdobe PDFView/Open
Type: Examensarbete för masterexamen
Master Thesis
Title: On the road with third-party apps - Security, safety and privacy aspects of in-vehicle apps
Authors: Eriksson, Benjamin
Abstract: In recent years the automotive industry has started to digitise their vehicles. Traditionally cars have been equipped with radio, cassette or CD-players and more recently so-called infotainment systems. The abilities of these infotainment systems have developed over the years from only offering radio and navigation to now being a powerful Internet connected device comparable to tablets and smartphones. Recently several car manufacturers have announced the upcoming possibility to install third-party apps into these infotainment systems. With the prospect of downloading third-party code into a device that is integrated into a safety critical system, such as a vehicle with multiple environment sensors, there is a concern for both safety and user privacy. In this thesis, the safety, security and privacy aspects of in-vehicle apps are investigated. The thesis focuses on apps for the Android Automotive operating system which some car manufacturers, including Volvo Car Corporation (VCC), have opted to use in their infotainment systems. It is concluded that in-vehicle Android apps are fundamentally as secure as regular phone apps, the main differences stem from the fact that in-vehicle apps can affect road safety. The traditional Android API poses several risks to road safety while the Automotive version is more restricted it is still insufficient to not be a cause for concern. Furthermore, the added APIs in Automotive constitutes an elevated risk for user privacy. It is shown that the impact of these privacy risks can be mitigated to some extent by vetting apps with state-of-the-art static analysis tools. Finally, recommendations for security measures and vetting processes for secure in-vehicle app stores are presented.
Keywords: Data- och informationsvetenskap;Computer and Information Science
Issue Date: 2018
Publisher: Chalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)
Chalmers University of Technology / Department of Computer Science and Engineering (Chalmers)
URI: https://hdl.handle.net/20.500.12380/255949
Collection:Examensarbeten för masterexamen // Master Theses

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.