Investigating Security Vulnerabilities in Modern Vehicle Systems

Modern vehicle systems have evolved from an isolated control system into an interconnected architecture combining software, hardware, and data. Such architecture is specialized into vehicle infotainment system (e.g., SYNC of Ford, iDrive of BMW and MMI of Audi), Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I), and vehicle social system which connects to social media networks. These systems hold private and sensitive information such as travel plans, social network messages, login credentials to bank accounts, and so on, which is a lucrative target for malicious attackers. Unfortunately, existing research overlooks the security issues with respect to this highly integrated system. This paper presents security issues across various systems related to modern vehicles through a a holistic and systematic view. We analyze each system components with respect to published attacks in details and present a synthesized body of knowledge. We identify the growing trend where security attacks are launched from the cyber space to vehicle control system via smartphones and vehicle networks. In the foreseeable future, we expect more security attacks both in numbers and in complexity. Knowing this will arise the awareness of vehicle system security and help engineers to build security solutions.

[1]  Flavio D. Garcia,et al.  Gone in 360 Seconds: Hijacking with Hitag2 , 2012, USENIX Security Symposium.

[2]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[3]  Nazmul Islam Certificate revocation in vehicular Ad Hoc networks: a novel approach , 2016, 2016 International Conference on Networking Systems and Security (NSysS).

[4]  R.R. Brooks,et al.  Automobile security concerns , 2009, IEEE Vehicular Technology Magazine.

[5]  Ali Emadi,et al.  Modern electric, hybrid electric, and fuel cell vehicles : fundamentals, theory, and design , 2009 .

[6]  Herbert Schuette,et al.  Hardware-in-the-Loop Testing of Vehicle Dynamics Controllers – A Technical Survey , 2005 .

[7]  Miad Faezipour,et al.  Progress and challenges in intelligent vehicle area networks , 2012, Commun. ACM.

[8]  Iris F. A. Vis,et al.  Survey of research in the design and control of automated guided vehicle systems , 2006, Eur. J. Oper. Res..

[9]  Paolo Toth,et al.  Vehicle Routing , 2014, Vehicle Routing.

[10]  Maria Kihl,et al.  Inter-vehicle communication systems: a survey , 2008, IEEE Communications Surveys & Tutorials.

[11]  Ahmad Al-Daraiseh,et al.  Toward Secure Vehicular Ad-hoc Networks: A Survey , 2012 .

[12]  René M. B. M. de Koster,et al.  A review of design and control of automated guided vehicle systems , 2006, Eur. J. Oper. Res..

[13]  Mr. Trambak Pawar,et al.  Security Threats and its Solution for Vehicular Ad hoc Network : A Review , 2015 .

[14]  Sherali Zeadally,et al.  A secure vehicle-to-roadside communication payment protocol in vehicular ad hoc networks , 2008, Comput. Commun..

[15]  Caroline A. Masiello,et al.  Physical Disintegration of Biochar: An Overlooked Process , 2014 .

[16]  Mohammed Saeed Al-kahtani,et al.  Survey on security attacks in Vehicular Ad hoc Networks (VANETs) , 2012, 2012 6th International Conference on Signal Processing and Communication Systems.

[17]  Hui Xiong,et al.  Enhancing Security and Privacy in Traffic-Monitoring Systems , 2006, IEEE Pervasive Computing.

[18]  M. A. Razzaque,et al.  Security and Privacy in Vehicular Ad-Hoc Networks: Survey and the Road Ahead , 2013, Wireless Networks and Security.

[19]  Wenyuan Xu,et al.  Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study , 2010, USENIX Security Symposium.

[20]  Panagiotis Papadimitratos,et al.  Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems , 2020, IEEE Transactions on Mobile Computing.

[21]  Tao Zhang,et al.  Dedicated Short‐Range Communications , 2012 .

[22]  Nitin H. Vaidya,et al.  A vehicle-to-vehicle communication protocol for cooperative collision warning , 2004, The First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004..

[23]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[24]  Dimitar Filev,et al.  Intelligent Vehicle Systems:Applications and New Trends , 2008, ICINCO 2008.

[25]  Alex Acero,et al.  Commute UX: Voice Enabled In-car Infotainment System , 2009 .

[26]  Samuel Greengard,et al.  Automotive systems get smarter , 2015, Commun. ACM.

[27]  Damla Turgut,et al.  Defense against Sybil attack in vehicular ad hoc network based on roadside unit support , 2009, MILCOM 2009 - 2009 IEEE Military Communications Conference.

[28]  Peter Stone,et al.  A Multiagent Approach to Autonomous Intersection Management , 2008, J. Artif. Intell. Res..

[29]  Ulf E. Larson,et al.  Simulated attacks on CAN buses: vehicle virus , 2008 .

[30]  Liviu Iftode,et al.  Social vehicle navigation: integrating shared driving experience into vehicle navigation , 2013, HotMobile '13.

[31]  Alberto L. Sangiovanni-Vincentelli,et al.  Embedded System Design for Automotive Applications , 2007, Computer.

[32]  Hannes Hartenstein,et al.  A tutorial survey on vehicular ad hoc networks , 2008, IEEE Communications Magazine.

[33]  Raja Sengupta,et al.  Vehicle-to-vehicle safety messaging in DSRC , 2004, VANET '04.

[34]  Jun Luo,et al.  A Survey of Inter-Vehicle Communication , 2004 .

[35]  Samuel Pierre,et al.  Vehicular social systems: an overview and a performance case study , 2014, DIVANet '14.