Zeinab El-Rewini,Karthikeyan Sadatsharan,Daisy Flora Selvaraj,Siby Jose Plathottam,Prakash Ranganathan

DOI: https://doi.org/10.1016/j.vehcom.2019.100214

IF: 6.7

2020-06-01

Vehicular Communications

Abstract:As modern vehicles are capable to connect to an external infrastructure and Vehicle-to-Everything (V2X) communication technologies mature, the necessity to secure communications becomes apparent. There is a very real risk that today's vehicles are subjected to cyber-attacks that target vehicular communications. This paper proposes a three-layer framework (sensing, communication and control) through which automotive security threats can be better understood. The sensing layer is made up of vehicle dynamics and environmental sensors, which are vulnerable to eavesdropping, jamming, and spoofing attacks. The communication layer is comprised of both in-vehicle and V2X communications and is susceptible to eavesdropping, spoofing, man-in-the-middle, and sybil attacks. At the top of the hierarchy is the control layer, which enables autonomous vehicular functionality, including the automation of a vehicle's speed, braking, and steering. Attacks targeting the sensing and communication layers can propagate upward and affect the functionality and can compromise the security of the control layer. This paper provides the state-of-the-art review on attacks and threats relevant to the communication layer and presents countermeasures.

telecommunications,transportation science & technology

Mehmet Bozdal,Mohammad Samie,Sohaib Aslam,Ian Jennions

DOI: https://doi.org/10.3390/s20082364

IF: 3.9

2020-04-21

Sensors

Abstract:The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS).

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Omid Avatefipour,Hafiz Malik

DOI: https://doi.org/10.48550/arXiv.1802.01725

2018-02-06

Abstract:Nowadays with the help of advanced technology, modern vehicles are not only made up of mechanical devices but also consist of highly complex electronic devices and connections to the outside world. There are around 70 Electronic Control Units (ECUs) in modern vehicle which are communicating with each other over the standard communication protocol known as Controller Area Network (CAN-Bus) that provides the communication rate up to 1Mbps. There are different types of in-vehicle network protocol and bus system namely Controlled Area Network (CAN), Local Interconnected Network (LIN), Media Oriented System Transport (MOST), and FlexRay. Even though CAN-Bus is considered as de-facto standard for in-vehicle network communication, it inherently lacks the fundamental security features by design like message authentication. This security limitation has paved the way for adversaries to penetrate into the vehicle network and do malicious activities which can pose a dangerous situation for both driver and passengers. In particular, nowadays vehicular networks are not only closed systems, but also they are open to different external interfaces namely Bluetooth, GPS, to the outside world. Therefore, it creates new opportunities for attackers to remotely take full control of the vehicle. The objective of this research is to survey the current limitations of CAN-Bus protocol in terms of secure communication and different solutions that researchers in the society of automotive have provided to overcome the CAN-Bus limitation on different layers.

Cryptography and Security

Alessandro Lotto,Francesco Marchiori,Alessandro Brighente,Mauro Conti

2024-01-19

Abstract:The large number of Electronic Control Units (ECUs) mounted on modern cars and their expansive communication capabilities create a substantial attack surface for potential exploitation. Despite the evolution of automotive technology, the continued use of the originally insecure Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.

Cryptography and Security

Robert Buttigieg,Mario Farrugia,Clyde Meli

DOI: https://doi.org/10.1109/sta.2017.8314877

2017-12-01

Abstract:Modern vehicles may contain a considerable number of ECUs (Electronic Control Units) which are connected through various means of communication, with the CAN (Controller Area Network) protocol being the most widely used. However, several vulnerabilities such as the lack of authentication and the lack of data encryption have been pointed out by several authors, which ultimately render vehicles unsafe to their users and surroundings. Moreover, the lack of security in modern automobiles has been studied and analyzed by other researchers as well as several reports about modern car hacking have (already) been published. The contribution of this work aimed to analyze and test the level of security and how resilient is the CAN protocol by taking a BMW E90 (3-series) instrument cluster as a sample for a proof of concept study. This investigation was carried out by building and developing a rogue device using cheap commercially available components while being connected to the same CAN-Bus as a man in the middle device in order to send spoofed messages to the instrument cluster.

Le Yu,Yangyang Liu,Pengfei Jing,Xiapu Luo,Lei Xue,Kaifa Zhao,Yajin Zhou,Ting Wang,Guofei Gu,Sen Nie,Shi Wu

2022-01-01

Abstract:In-vehicle protocols are very important to the security assessment and protection of modern vehicles since they are used in communicating with, accessing, and even manipulating ECUs (Electronic Control Units) that control various vehicle components. Unfortunately, the majority of in-vehicle protocols are proprietary without publicly available documents. Although recent studies proposed methods to reverse engineer the CAN protocol used in the communication among ECUs, they cannot be applied to vehicle diagnostics protocols, which have been widely exploited by attackers to launch remote attacks. In this paper, we propose a novel framework for automatically reverse engineering the diagnostic protocols of vehicles by leveraging professional diagnostic tools. Specifically, we design and develop a new cyber-physical system that uses a set of algorithms to control a programmable robotics arm with the aid of cameras to automatically trigger and capture the messages of diagnostics protocols as well as reverse engineer their formats, semantic meanings, and proprietary formulas required for processing the response messages. We perform a large-scale experiment to evaluate our prototype using 18 real vehicles. It successfully reverse engineers 570 messages (446 for reading sensor values and 124 for controlling components). The experimental results show that our framework achieves high precision in reverse engineering proprietary formulas and obtains much more messages than the prior approach based on app analysis.

Mahdi Dibaei,Xi Zheng,Kun Jiang,Sasa Maric,Robert Abbas,Shigang Liu,Yuexin Zhang,Yao Deng,Sheng Wen,Jun Zhang,Yang Xiang,Shui Yu

DOI: https://doi.org/10.48550/arXiv.1907.07455

2019-07-17

Cryptography and Security

Abstract:Cyber security is one of the most significant challenges in connected vehicular systems and connected vehicles are prone to different cybersecurity attacks that endanger passengers' safety. Cyber security in intelligent connected vehicles is composed of in-vehicle security and security of inter-vehicle communications. Security of Electronic Control Units (ECUs) and the Control Area Network (CAN) bus are the most significant parts of in-vehicle security. Besides, with the development of 4G LTE and 5G remote communication technologies for vehicle-toeverything (V2X) communications, the security of inter-vehicle communications is another potential problem. After giving a short introduction to the architecture of next-generation vehicles including driverless and intelligent vehicles, this review paper identifies a few major security attacks on the intelligent connected vehicles. Based on these attacks, we provide a comprehensive survey of available defences against these attacks and classify them into four categories, i.e. cryptography, network security, software vulnerability detection, and malware detection. We also explore the future directions for preventing attacks on intelligent vehicle systems.

Tobias Hoppe,Stefan Kiltz,Jana Dittmann

DOI: https://doi.org/10.1016/j.ress.2010.06.026

2011-01-01

Abstract:The IT security of automotive systems is an evolving area of research. To analyse the current situation and the potentially growing tendency of arising threats we performed several practical tests on recent automotive technology. With a focus on automotive systems based on CAN bus technology, this article summarises the results of four selected tests performed on the control systems for the window lift, warning light and airbag control system as well as the central gateway. These results are supplemented in this article by a classification of these four attack scenarios using the established CERT taxonomy and an analysis of underlying security vulnerabilities, and especially, potential safety implications.With respect to the results of these tests, in this article we further discuss two selected countermeasures to address basic weaknesses exploited in our tests. These are adaptations of intrusion detection (discussing three exemplary detection patterns) and IT-forensic measures (proposing proactive measures based on a forensic model). This article discusses both looking at the four attack scenarios introduced before, covering their capabilities and restrictions. While these reactive approaches are short-term measures, which could already be added to today’s automotive IT architecture, long-term concepts also are shortly introduced, which are mainly preventive but will require a major redesign. Beneath a short overview on respective research approaches, we discuss their individual requirements, potential and restrictions.

engineering, industrial,operations research & management science

Jinghua Yu,Stefan Wagner,Bowen Wang,Feng Luo

DOI: https://doi.org/10.4271/11-04-02-0005

2021-05-01

Abstract:The innovations of vehicle connectivity have been increasing dramatically to enhance the safety and user experience of driving, while the rising numbers of interfaces to the external world also bring security threats to vehicles. Many security countermeasures have been proposed and discussed to protect the systems and services against attacks. To provide an overview of the current states in this research field, we conducted a systematic mapping study on the topic area "security countermeasures of in-vehicle communication systems". 279 papers are identified based on the defined study identification strategy and criteria. We discussed four research questions related to the security countermeasures, validation methods, publication patterns, and research trends and gaps based on the extracted and classified data. Finally, we evaluated the validity threats, the study identification results, and the whole mapping process. We found that the studies in this topic area are increasing rapidly in recent years. However, there are still gaps in various subtopics like automotive Ethernet security, anomaly reaction, and so on. This study reviews the target field not only related to research findings but also research activities, which can help identify research gaps at a high level and inspire new ideas for future work.

Cryptography and Security

Tarak Nandy,Rafidah Md Noor,Raenu Kolandaisamy,Mohd Yamani Idna Idris,Sananda Bhattacharyya

DOI: https://doi.org/10.1016/j.jksuci.2024.101945

IF: 9.006

2024-02-01

Journal of King Saud University - Computer and Information Sciences

Abstract:With the proliferation of Vehicular Ad Hoc Networks (VANETs), ensuring the security and integrity of communication within these networks has become a paramount concern. This paper elaborates on the architecture, characteristics, security services, and various threats in the VANET. Moreover, this paper presents a comprehensive review of Intrusion Detection Systems (IDS) designed for VANETs, aiming to thoroughly understand the challenges, existing solutions, and future directions in this dynamic field. A discussion of the current practices on the evaluation techniques, tools, and datasets is shown. The paper emphasises the need for adaptive and resource-efficient IDS mechanisms, real-world validation, and a deeper exploration of the practical impact of security threats on specific vehicular functionalities. This review serves as a foundation for future research directions to enhance the security of VANETs, contributing to the evolution of intelligent transportation systems.

computer science, information systems

George Kornaros,Othon Tomoutzozlou,Marcello Coppola,Georgios Kornaros,Othon Tomoutzoglou

DOI: https://doi.org/10.1109/mm.2018.053631143

IF: 2.8212

2018-09-01

IEEE Micro

Abstract:With emerging smart automotive technologies, vehicle-to-vehicle communications, and software-dominated enhancements for enjoyable driving and advanced driver assistance systems, the complexity of providing guarantees in terms of security, trust, and privacy in a modern cyber-enabled automotivesystem is significantly elevated. New threat models emerge that require efficient system-level countermeasures. This article introduces synergies between on- and off-chip networking techniques to ensure secure execution environments for electronic control units. The proposed mechanisms consist of hardware firewalling and on-chip network physical isolation, whose mechanisms are combined with system-wide cryptographic techniques in automotive controller area network (CAN)-bus communications to provide authentication and confidentiality.

computer science, software engineering, hardware & architecture

Samuel C Hollifield,Pablo Moriano,William L Lambert,Joel Asiamah,Isaac Sikkema,Michael D Iannacone

2023-06-28

Abstract:Radiological material transportation is primarily facilitated by heavy-duty on-road vehicles. Modern vehicles have dozens of electronic control units or ECUs, which are small, embedded computers that communicate with sensors and each other for vehicle functionality. ECUs use a standardized network architecture--Controller Area Network or CAN--which presents grave security concerns that have been exploited by researchers and hackers alike. For instance, ECUs can be impersonated by adversaries who have infiltrated an automotive CAN and disable or invoke unintended vehicle functions such as brakes, acceleration, or safety mechanisms. Further, the quality of security approaches varies wildly between manufacturers. Thus, research and development of after-market security solutions have grown remarkably in recent years. Many researchers are exploring deployable intrusion detection and prevention mechanisms using machine learning and data science techniques. However, there is a gap between developing security system algorithms and deploying prototype security appliances in-vehicle. In this paper, we, a research team at Oak Ridge National Laboratory working in this space, highlight challenges in the development pipeline, and provide techniques to standardize methodology and overcome technological hurdles.

Cryptography and Security,Systems and Control

Batuhan Gul,Fatih Ertam

DOI: https://doi.org/10.1016/j.vehcom.2024.100846

IF: 6.7

2024-10-03

Vehicular Communications

Abstract:The utilization of autonomous vehicles is experiencing a rapid proliferation in contemporary society. Concurrently, with the relentless evolution of technology, the inexorable integration of autonomous vehicles into urban environments, driven by the overarching paradigm of smart cities, becomes increasingly apparent. This escalating reliance on autonomous vehicles concurrently heightens the susceptibility to malevolent actors orchestrating cyber-attacks against these vehicular systems. While previous years have seen a limited corpus of academic research pertaining to cyber-attack and defense methodologies for autonomous vehicles, the relentless progression of technology mandates a more contemporary and exhaustive inquiry. In addition, to the best of our knowledge, there is no article in the literature that provides detailed information and comparisons about in-vehicle sensors, in-vehicle networks, and in-vehicle network datasets by combining them in one article. Also, to our knowledge, very limited studies have been conducted on separately comparative analysis of in-vehicle networks, in-vehicle sensors or data sets in 2024, and therefore, the necessity of conducting a review study on these topics was recognized. To address this deficiency, we compile articles on attacks and defenses on sensors, in-vehicle networks and present detailed information about the latest datasets and provide comparative analysis. In this paper, we have analyzed 108 papers from the last 10 years on in-vehicle networks and sensors. 38 articles on in-vehicle sensors and 70 articles on in-vehicle networks were reviewed and analyzed. We categorize in-vehicle communication attacks into two main groups: sensor-initiated and network-initiated, with a chronological classification to highlight their evolution. We also compare the progress in securing in-vehicle communication and evaluate the most widely used datasets for attack and protection methods. Additionally, we discuss the advantages and disadvantages of these datasets and suggest future research directions. To the best of our knowledge, this work is the first to offer detailed information and comparative analysis of in-vehicle networks, sensors, and the latest datasets. While the study highlights the significant research conducted to protect in-vehicle networks and sensors from cyber attacks, technological advancements continue to introduce new attack vectors. Cars remain particularly susceptible to threats such as DoS, Fuzzy, Spoofing, and Replay attacks. Moreover, current defense mechanisms, including LSTM and CNN, have notable limitations. Future research is needed to address these challenges and enhance vehicle cybersecurity.

telecommunications,transportation science & technology

Tian Guan,Yi Han,Nan Kang,Ningye Tang,Xu Chen,Shu Wang

DOI: https://doi.org/10.3390/su14095211

IF: 3.9

2022-04-26

Sustainability

Abstract:Cybersecurity is one of the most important challenges in the intelligent connected vehicle system. Interconnected vehicles are vulnerable to different network security attacks, which endanger the safety of passengers. This review paper firstly analyses the reasons why the current vehicle network is vulnerable to network attack and summarizes the three implementation methods of network security threats. The necessity of vehicle network security research and deployment is also analyzed. After giving a short introduction to the vehicular network security, this review paper identifies major security attacks on intelligent connected vehicles. Then the security enhancement technology of vehicle networks from three aspects are introduced, including vehicle network data encryption technology, vehicle network message authentication technology, and vehicle network anomaly intrusion detection technology. Then we analyze three common methods of abnormal intrusion detection in vehicle networks and explore the future research for preventing attacks on the network security of intelligent vehicle systems.

environmental sciences,environmental studies,green & sustainable science & technology

Jerry Emmanuel,Chidera Prince Eze,Jelili Oyelade,Itunuoluwa Isewon,Christopher Iyanu-Oluwa Onietan

DOI: https://doi.org/10.1109/SEB-SDG57117.2023.10124561

2023-04-05

Abstract:The increasing integration of technology in automobiles has raised industry concerns about cyber-security. This paper provides an overview of the most recent developments in automobile cyber-security practices, pointing out the most important areas of cyber security that need more research in the context of self-driving cars and the automobile industry. Considering the different communities of cybersecurity mapped out by previous researchers, we explored each of these communities with respect to automobiles. The community of cybersecurity is subjected to intrusion detection, cryptography, sensor networks, information hiding, intrusion detection, biometrics, authentication, usable security, and access control. From the systematic review done, we found out the bulk of security research in the automobile industry is geared towards intrusion detection. The use of chaos-based picture encryption, visual cryptography, biometric fingerprinting, keystroke dynamics, background subtraction, gait identification, provable security, provable data possession, block ciphers, differential power analysis, hardware trojans, physical unclonable functions, etc., although used in the industry, has yet to be explored with respect to the security of vehicles, their networks, and the automobile industry. The results show that some of the different communities of cybersecurity towards automobiles are still in their infancy with opportunities for novel work.

Engineering,Computer Science

Aida Ben Chehida Douss,Ryma Abassi,Damien Sauveron

DOI: https://doi.org/10.3934/mbe.2023761

2023-08-29

Abstract:With the help of advanced technology, the automotive industry is in continuous evolution. Modern vehicles are not only comprised of mechanical components but also contain highly complex electronic devices and connections to the outside world. Today's vehicle usually has between 30 and 70 ECUs (Electronic Control Units), which communicate with each other over standard communication protocols. There are different types of in-vehicle network protocols and bus systems, including the Controlled Area Network (CAN), Local Interconnected Network (LIN), FlexRay, Media Oriented System Transport (MOST), and Automotive Ethernet (AE). Modern cars are also able to communicate with other devices through wired or wireless interfaces such as USB, Bluetooth, Wi-Fi or even 5G. Such interfaces may expose the internal network to the outside world and can be seen as entry points for cyber-attacks. In this paper, the main interest is in the AE network protocol. AE is a special Ethernet design that provides the bandwidth needed for today's applications, and the potential for even greater performance in the future. However, AE is a "best effort" protocol, which cannot be considered reliable. This implies that it is not trustworthy in terms of reliability and timely deliveries. The focus of this paper is to present a state-of-the-art survey of security threats and protection mechanisms relating to AE. After introducing and comparing the different protocols being used in the embedded networks of current vehicles, we analyze the potential threats targeting the AE network and describe how attackers' opportunities can be enhanced by the new communication abilities of modern cars. Finally, we present and compare the AE security solutions currently being devised to address these problems and propose some recommendations and challenges to deal with security issue in AE protocol.

Rajkumar Singh Rathore,Chaminda Hewage,Omprakash Kaiwartya,Jaime Lloret

DOI: https://doi.org/10.3390/s22176679

IF: 3.9

2022-09-04

Sensors

Abstract:In-vehicle communication has become an integral part of today's driving environment considering the growing add-ons of sensor-centric communication and computing devices inside a vehicle for a range of purposes including vehicle monitoring, physical wiring reduction, and driving efficiency. However, related literature on cyber security for in-vehicle communication systems is still lacking potential dedicated solutions for in-vehicle cyber risks. Existing solutions are mainly relying on protocol-specific security techniques and lacking an overall security framework for in-vehicle communication. In this context, this paper critically explores the literature on cyber security for in-vehicle communication focusing on technical architecture, methodologies, challenges, and possible solutions. In-vehicle communication network architecture is presented considering key components, interfaces, and related technologies. The protocols for in-vehicle communication have been classified based on their characteristics, and usage type. Security solutions for in-vehicle communication have been critically reviewed considering machine learning, cryptography, and port-centric techniques. A multi-layer secure framework is also developed as a protocol and use case-independent in-vehicle communication solution. Finally, open challenges and future dimensions of research for in-vehicle communication cyber security are highlighted as observations and recommendations.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Franco Oberti,Alessandro Savino,Ernesto Sanchez,Filippo Parisi,Stefano Di Carlo

DOI: https://doi.org/10.1109/TDMR.2022.3157000

2022-03-07

Abstract:The automobile industry is no longer relying on pure mechanical systems; instead, it benefits from advanced Electronic Control Units (ECUs) in order to provide new and complex functionalities in the effort to move toward fully connected cars. However, connected cars provide a dangerous playground for hackers. Vehicles are becoming increasingly vulnerable to cyber attacks as they come equipped with more connected features and control systems. This situation may expose strategic assets in the automotive value chain. In this scenario, the Controller Area Network (CAN) is the most widely used communication protocol in the automotive domain. However, this protocol lacks encryption and authentication. Consequently, any malicious/hijacked node can cause catastrophic accidents and financial loss. Starting from the analysis of the vulnerability connected to the CAN communication protocol in the automotive domain, this paper proposes EXT-TAURUM P2T a new low-cost secure CAN-FD architecture for the automotive domain implementing secure communication among ECUs, a novel key provisioning strategy, intelligent throughput management, and hardware signature mechanisms. The proposed architecture has been implemented, resorting to a commercial Multi-Protocol Vehicle Interface module, and the obtained results experimentally demonstrate the approach's feasibility.

Cryptography and Security

Colin Urquhart,Xavier Bellekens,Christos Tachtatzis,Robert Atkinson,Hanan Hindy,Amar Seeam

DOI: https://doi.org/10.48550/arXiv.1910.09410

2019-10-21

Cryptography and Security

Abstract:The convergence of information technology and vehicular technologies are a growing paradigm, allowing information to be sent by and to vehicles. This information can further be processed by the Electronic Control Unit (ECU) and the Controller Area Network (CAN) for in-vehicle communications or through a mobile phone or server for out-vehicle communication. Information sent by or to the vehicle can be life-critical (e.g. breaking, acceleration, cruise control, emergency communication, etc. . . ). As vehicular technology advances, in-vehicle networks are connected to external networks through 3 and 4G mobile networks, enabling manufacturer and customer monitoring of different aspects of the car. While these services provide valuable information, they also increase the attack surface of the vehicle, and can enable long and short range attacks. In this manuscript, we evaluate the security of the 2017 Skoda Octavia vRS 4x4. Both physical and remote attacks are considered, the key fob rolling code is successfully compromised, privacy attacks are demonstrated through the infotainment system, the Volkswagen Transport Protocol 2.0 is reverse engineered. Additionally, in-car attacks are highlighted and described, providing an overlook of potentially deadly threats by modifying ECU parameters and components enabling digital forensics investigation are identified.

Yuefeng Du,Zhiqiang Cai,Le Yu,Wenkai Zhang,Pengfei Jing,Yingjie Cao,Shi Wu,Sen Nie,Xiapu Luo,Chenxiong Qian

DOI: https://doi.org/10.1109/SP54263.2024.00080

2024-05-19

Abstract:As modern vehicles become increasingly complex in terms of both external attack surfaces and internal in-vehicle network (IVN) topology, ensuring their cybersecurity remains a challenge. Existing standards and regulations, such as WP29 R155e and ISO 21434, attempt to establish a baseline for automotive cybersecurity, but their sufficiency in addressing the evolving threats is unclear. To fill in this gap, we first carried out an in-depth interview study with 15 experts in automotive cybersecurity, uncovering the particular challenges encountered during security activities and the limitations of current regulations. We identified 20 key insights from the interview data, ranging from the challenges and gaps in the existing automotive security industry to the limitations and recommendations for current regulations. Notably, we discovered that the quality of threat cases provided by existing regulations is unsatisfactory, and the Threat Analysis and Risk Assessment (TARA) process is often highly inefficient due to the lack of automatic tools. In response to the above limitations, we first built an improved threat database for automotive systems using the collected interview data, which enhanced the existing database both quantitatively and qualitatively. Additionally, we present CarVal, a datalog-based approach designed to infer multi-stage attack paths in IVNs and calculate risk values, thereby making TARA more efficient for automotive systems. By applying CarVal to five real vehicles, we performed extensive security analysis based on the generated attack paths and successfully exploited the corresponding attack chains in the newly gateway-segmented IVN, uncovering new automotive attack surfaces that previous research failed to cover, including the in-vehicle browser, official mobile app, backend server, and in-vehicle malware.

Engineering,Computer Science