A Security Analysis of an In-Vehicle Infotainment and App Platform

There is an increasing trend in the automotive industry towards integrating trusted third-party apps with In-Vehicle Infotainment (IVI) systems via smartphones. This integration is typically facilitated by a pair of apps, one that executes on the smartphone and another that executes on the IVI, which is connected to the vehicle's Controller Area Network (CAN) bus. Throughout the evolution of these IVI and app platforms, there has been little public analysis of the security of these protocols and the frameworks that implement these apps on the IVI. This raises the question: to what extent are these apps, protocols and underlying IVI implementations vulnerable to an attacker who might gain control of a driver's smartphone? In this paper, we focus on gaining insights into this question by performing a comprehensive security analysis on an IVI system that is included in at least one 2015 model vehicle from a major automotive manufacturer. This IVI system included vestigial support for the MirrorLink protocol, which is intentionally disabled but can be enabled by updating a single configuration value after applying a publicly available firmware update that is securely signed by the manufacturer. Based on our analysis, we document and demonstrate insecurities in the MirrorLink protocol and IVI implementation that could potentially enable an attacker with control of a driver's smartphone to send malicious messages on the vehicle's internal network.