Skip to main content
main-content

Tipp

Weitere Kapitel dieses Buchs durch Wischen aufrufen

2016 | OriginalPaper | Buchkapitel

Automotive Security Testing—The Digital Crash Test

verfasst von: Stephanie Bayer, Thomas Enderle, Dennis-Kengo Oka, Marko Wolf

Erschienen in: Energy Consumption and Autonomous Driving

Verlag: Springer International Publishing

share
TEILEN

Abstract

Modern vehicles consist of many interconnected, software-based IT components which are tested very carefully for correct functional behavior to avoid safety problems, e.g. the brakes suddenly stop working. However, in contrast to safety testing systematic testing against potential security gaps is not yet a common procedure within the automotive domain. This however could eventually enable a malicious entity to be able to attack a safety-critical IT component or even the whole vehicle. Several real-world demonstrations have already shown that this risk is not only academic theory [1]. Facing this challenge, the paper at hand will first introduce some potential automotive security attacks and some important automotive security threats. It then explains in more detail how to identify and evaluate potential security threats for automotive IT components based on theoretical security analyses and practical security testing.
Literatur
1.
Zurück zum Zitat Miller C, Valasek C (2013) Adventures in automotive networks and control units. In: DEFCON 21 Hacking Conference Miller C, Valasek C (2013) Adventures in automotive networks and control units. In: DEFCON 21 Hacking Conference
2.
Zurück zum Zitat Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H (2010) Experimental security analysis of a modern automobile. In: 2010 IEEE symposium on security and privacy (SP) Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H (2010) Experimental security analysis of a modern automobile. In: 2010 IEEE symposium on security and privacy (SP)
3.
Zurück zum Zitat Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H, Savage S, Koscher K, Czeskis A, Roesner F, Kohno T (2011) Comprehensive experimental analyses of automotive attack surfaces. In: USENIX security, San Francisco, CA, USA Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H, Savage S, Koscher K, Czeskis A, Roesner F, Kohno T (2011) Comprehensive experimental analyses of automotive attack surfaces. In: USENIX security, San Francisco, CA, USA
4.
Zurück zum Zitat Markey E (2013) As wireless technology becomes standard, Markey queries car companies about security, privacy. In: Press release of the US senator for Massachusetts, Massachusetts, USA, 23 Dec 2013 Markey E (2013) As wireless technology becomes standard, Markey queries car companies about security, privacy. In: Press release of the US senator for Massachusetts, Massachusetts, USA, 23 Dec 2013
5.
Zurück zum Zitat Miler C, Valasek C (2014) A survey of remote automotive attack surfaces. In: Blackhat Miler C, Valasek C (2014) A survey of remote automotive attack surfaces. In: Blackhat
6.
Zurück zum Zitat Thiemel AV, Janke M, Steurich B (2013) Speedometer manipulation—putting a stop to fraud. ATZ elektronik worldwide Edition, 2013–02 Thiemel AV, Janke M, Steurich B (2013) Speedometer manipulation—putting a stop to fraud. ATZ elektronik worldwide Edition, 2013–02
9.
Zurück zum Zitat Wolf M, Scheibel M (2012) A systematic approach to a quantified security risk analysis for vehicular IT systems. In: Automotive—safety & security, Karlsruhe Wolf M, Scheibel M (2012) A systematic approach to a quantified security risk analysis for vehicular IT systems. In: Automotive—safety & security, Karlsruhe
11.
Zurück zum Zitat SAFECode (2011) Fundamental practices for secure software development SAFECode (2011) Fundamental practices for secure software development
14.
Zurück zum Zitat M. I. S. R. Association and M. I. S. R. A. Staff (2013) MISRA C: 2012: Guidelines for the use of the C language in critical systems, Motor Industry Research Association, 2013 M. I. S. R. Association and M. I. S. R. A. Staff (2013) MISRA C: 2012: Guidelines for the use of the C language in critical systems, Motor Industry Research Association, 2013
18.
Zurück zum Zitat Wolf M (2009) Security engineering for vehicular IT systems—improving trustworthiness and dependability of automotive IT applications, Vieweg+Teubner Verlag Wolf M (2009) Security engineering for vehicular IT systems—improving trustworthiness and dependability of automotive IT applications, Vieweg+Teubner Verlag
Metadaten
Titel
Automotive Security Testing—The Digital Crash Test
verfasst von
Stephanie Bayer
Thomas Enderle
Dennis-Kengo Oka
Marko Wolf
Copyright-Jahr
2016
DOI
https://doi.org/10.1007/978-3-319-19818-7_2

Stellenausschreibungen

Anzeige

Premium Partner