Introduction to Vehicular Embedded Security 2009-01-0916
For new automotive applications and services, information technology (IT) has gained central importance. IT-related costs in car manufacturing are already high, and they will increase dramatically in the future. Yet whereas the area of safety and reliability has become a relatively well-established field, the protection of vehicular IT systems against systematic manipulation or intrusion has only recently started to emerge. Nevertheless, IT security is already the base of some vehicular applications, such as immobilizers or digital tachographs. To securely enable future automotive applications and business models, IT security will be one of the central technologies for the next generation of vehicles.
After a state-of-the-art overview of IT security in vehicles, this paper will give a short introduction into cryptographic terminology and functionality. This contribution will then identify the need for automotive IT security while presenting typical attacks, resulting security objectives and characteristic constraints within the automotive area. We will introduce core security technologies and relevant security mechanisms, followed by a detailed description of critical vehicular applications, business models and components relying on IT security. We conclude our contribution with a detailed statement about challenges and opportunities for the automotive IT community for embedding IT security in vehicles.