论文信息 - Automotive Security Testing—The Digital Crash Test

Automotive Security Testing—The Digital Crash Test

Modern vehicles consist of many interconnected, software-based IT components which are tested very carefully for correct functional behavior to avoid safety problems, e.g. the brakes suddenly stop working. However, in contrast to safety testing systematic testing against potential security gaps is not yet a common procedure within the automotive domain. This however could eventually enable a malicious entity to be able to attack a safety-critical IT component or even the whole vehicle. Several real-world demonstrations have already shown that this risk is not only academic theory [1]. Facing this challenge, the paper at hand will first introduce some potential automotive security attacks and some important automotive security threats. It then explains in more detail how to identify and evaluate potential security threats for automotive IT components based on theoretical security analyses and practical security testing.

[1] Björn Steurich,et al. Speedometer manipulation — Putting a stop to fraud , 2013 .

[2] Marko Wolf. Security Engineering For Vehicular It Systems , 2009 .

[3] Marko Wolf,et al. A Systematic Approach to a Quantified Security RiskAnalysis for Vehicular IT Systems , .

[4] Hovav Shacham,et al. Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[5] Matti Valovirta,et al. Experimental Security Analysis of a Modern Automobile , 2011 .

[6] Herb Sutter,et al. C++ coding standards , 2004 .

[7] Marko Wolf. Security engineering for vehicular IT systems : improving the trustworthiness and dependability of automotive IT applications , 2009 .

[8] Marko Wolf,et al. A Systematic Approach to a Qualified Security Risk Analysis for Vehicular IT Systems , 2012, Automotive - Safety & Security.