Avoiding Vulnerabilities in Connected Cars a methodology for finding vulnerabilities

Abstract

We have entered a new era where connectivity through Internet, everywhere and at all times is taken for granted. The development of cars has turned to a very advanced object with about 100 million lines of code and more than 100 electronic control units (ECUs) interconnected to control everything from steering, acceleration, brakes and other safety critical systems. One problem is that cars were never created with Internet connectivity in mind and adding this connectivity as an afterthought, raises a lot of security concerns. To the best of our knowledge, there exists no model or method suited for the vehicle industry which considers security analysis for the whole range from the start of the development to aftermarket release. Neither, have we been able to find any model or method which we consider suitable to use within the vehicle industry in a plain practical manner considering security evaluation and testing. Therefore, there is a need for a methodology which meets these requirements. This thesis assesses security considerations relating to potential vulnerabilities in vehicles and aims to introduce a method to find these vulnerabilities during development. This method is named PPDM (Predict-Prevent-Detect-Method) and is comprised of six phases, defined using state diagrams and pseudo code, with accompanied explanations. It covers the whole development cycle from idea to aftermarket security evaluation. By integrating PPDM into an industrial context, security can be considered in all development phases and also enabling method adaption to meet different situations. PPDM has been achieved by conducting research on various security models, security aspects and attacks. Attacks have been studied both theoretically and empirically. The empirical part is documented and suggested as usage to find vulnerabilities as part of PPDM. A validation of PPDM with a Target of Evaluation (TOE) is provided as Proof of Concept (POC), intended to demonstrate how PPDM can be used to find potential vulnerabilities. Keywords: automotive cyber security, vulnerability assessment, threat risk modelling, threat assessment, vehicle cyber attacks, exploratory testing, method integration, industrial integration, security models