IT-säkerhet i uppkopplade fordon - En analys av säkerhetsbilden på AGA-plattformen

Abstract

This thesis was commissioned by Combitech and explores security flaws in the platform Automotive Grade Android, AGA, and how these can be exploited and later solved. The thesis will present the flaws that have been found, the security mechanisms that have been identified as well as those that are recommended to be implemented. Furthermore, the thesis describes a comprehensive list of current and future interfaces of vehicle communication and common security flaws in them. The study shows several problems, architectural and implementational, and suggests encryption and virtualization as solutions for these, which are discussed in detail with information from interviews with related companies. In the case of virtualization a comparison of cost-reward versus hardware solutions, if the cost of a dedicated hardware unit is worth the added security, as well as the trend with hypervisors as a security solution. Encryption is theoretically discussed concerning the problems in the current architecture and presents a solution to those.