Browse Publications Technical Papers 2011-01-0040

Do Vehicles Need Data Security? 2011-01-0040

Data security was introduced to vehicles in the 1980's with the electronic theft protection system. Since then data security was also implemented in further electronic systems of vehicles, including theft protection for electronic control units, protection of mileage counter integrity, protection against software manipulation (secure flashing), and secure wireless on-board diagnoses (e.g. via Bluetooth). Vehicles include more and more electronic systems and open communication channels based on public standards, making them vulnerable to a variety of attacks. Security mitigation mechanisms are implemented in software and might be supported by a controller with basic security features.
Recently, research was started to centralize security features in a single dedicated security controller. This security controller implements cryptographic methods and provides tamper resistance. Current and future applications with need for security include vehicular communication, feature activation and pay-on-demand applications as well as digital content protection systems.
In this work we will analyze which degree of implemented security features in a vehicle is reasonable. We will consider both security features based on secure hardware and software mechanisms. We will distinguish applications that protect a financial asset (e.g. theft protection) and safety applications (e.g. future vehicle-to-vehicle wireless communication safety applications). We will evaluate whether there is a threat to safety because of new technologies, and how this threat needs to be mitigated. Finally, we will identify the useful mitigation mechanisms and describe how these need to evolve over time. We will perform the evaluation under the premise of economic security, i.e. always assuming that only economically feasible solutions will be deployed.


Subscribers can view annotate, and download all of SAE's content. Learn More »


Members save up to 18% off list price.
Login to see discount.
Special Offer: Download multiple Technical Papers each year? TechSelect is a cost-effective subscription option to select and download 12-100 full-text Technical Papers per year. Find more information here.
We also recommend:

Automated Test System for Electronic Control Units and Prototypes of Them in Vehicle Networks


View Details


Managing and Administering Security Infrastructure Controls via Policy


View Details


Integrating Secure Beamforming into Car-to-X Architectures


View Details