On the road with third-party apps - Security, safety and privacy aspects of in-vehicle apps
Ladda ner
Typ
Examensarbete för masterexamen
Master Thesis
Master Thesis
Program
Computer systems and networks (MPCSN), MSc
Publicerad
2018
Författare
Eriksson, Benjamin
GROTH, JONAS
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
In recent years the automotive industry has started to digitise their vehicles. Traditionally cars have been equipped with radio, cassette or CD-players and more recently so-called infotainment systems. The abilities of these infotainment systems have developed over the years from only offering radio and navigation to now being a powerful Internet connected device comparable to tablets and smartphones. Recently several car manufacturers have announced the upcoming possibility to install third-party apps into these infotainment systems. With the prospect of downloading third-party code into a device that is integrated into a safety critical system, such as a vehicle with multiple environment sensors, there is a concern for both safety and user privacy. In this thesis, the safety, security and privacy aspects of in-vehicle apps are investigated. The thesis focuses on apps for the Android Automotive operating system which some car manufacturers, including Volvo Car Corporation (VCC), have opted to use in their infotainment systems. It is concluded that in-vehicle Android apps are fundamentally as secure as regular phone apps, the main differences stem from the fact that in-vehicle apps can affect road safety. The traditional Android API poses several risks to road safety while the Automotive version is more restricted it is still insufficient to not be a cause for concern. Furthermore, the added APIs in Automotive constitutes an elevated risk for user privacy. It is shown that the impact of these privacy risks can be mitigated to some extent by vetting apps with state-of-the-art static analysis tools. Finally, recommendations for security measures and vetting processes for secure in-vehicle app stores are presented.
Beskrivning
Ämne/nyckelord
Data- och informationsvetenskap , Computer and Information Science