Abstract:
Automotive systems are dominated by electronic and software components. A modern car includes hundreds of Electronic Control Units connected to a variety of diverse sensors and actuators, controlled by several hundred megabytes of software code and coordinated through several in-vehicle networks implementing disparate protocols. Given this complexity, such systems are unsurprisingly riddled by errors and vulnerabilities that can be effectively exploited to compromise their functionality in-field. Furthermore, our move towards more and more autonomous vehicles is accompanied by a sharp increase in design complexity, vulnerabilities, and attack surfaces. While there has been significant activity in automotive security research in recent years, a big gap remains between the state of the research and the needs of the practice. Furthermore, the research often does not account for the complexities of flow, methodologies, and dependencies that must be handled by practically viable solutions. In this paper, we address this problem by providing a unified, global view of the state of the research and practice in automotive security. We consider several general taxonomies of security threats, approaches explored in research to address them, and the state of the practice. Salient requirements for viable security solutions in current and emergent systems are discussed, and limitations of both research and practice are analyzed.
This article was published to IEEE Design & Test December 2019.
Download here: Security of Emergent Automotive Systems – Preprint
© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
View the final publication here: https://ieeexplore.ieee.org/document/8851175