Search Results

Abstract Connected autonomous vehicles that employ internet connectivity are technologically complex, which makes them vulnerable to cyberattacks. Many cybersecurity researchers, white hat hackers, and black hat hackers have discovered numerous exploitable vulnerabilities in connected vehicles. ...This study expanded the technology acceptance model (TAM) to include cybersecurity and level of trust as determinants of technology acceptance. This study surveyed a diverse sample of 209 licensed US drivers over 18 years old.

Reviewer Acknowledgment

Abstract ICVs are expected to make the transportation safer, cleaner, and more comfortable in the near future. However, the trend of connectivity has greatly increased the attack surfaces of vehicles, which makes in-vehicle networks more vulnerable to cyberattacks which then causes serious security and safety issues. In this article, we therefore systematically analyzed cyberattacks and corresponding countermeasures for in-vehicle networks of intelligent and connected vehicles (ICVs). Firstly, we analyzed the security risk of ICVs and proposed an in-vehicle network model from a hierarchical point of view. Then, we discussed possible cyberattacks at each layer of proposed network model.

Abstract Secure boot, although known for more than 20 years, frequent attacks from hackers that show numerous ways to bypass the security mechanism, including electronic control units (ECUs) of the automotive industry. This paper investigates the major causes of security weaknesses of secure boot implementations. Based on penetration test experiences, we start from an attacker’s perspective to identify and outline common implementation weaknesses. Then, from a Tier-One perspective, we analyze challenges in the research and development process of ECUs between original equipment manufacturers (OEMs) and suppliers that amplify the probability of such weakness. The paper provides recommendations to increase the understanding of implementing secure boot securely on both sides and derives a set of reference requirements as a starting point for secure boot ECU requirements.

Abstract In the automotive domain, the evolution of electrical and electronic (E/E) architecture trend is toward consolidating multiple heterogeneous applications executing on individual devices onto a centralized powerful computing platform. Many forums debate the nature of this centralized computing platform. At least for another decade, automotive powertrain functions will continue their development on a multicore controller platform (MCU) instead of many core processors. Data security and the need to meet Automotive Safety Integrity Level D (ASIL-D)-compliant powertrain functions are some of the reasons for this preference. For the centralized computing platform, virtualizing the underlying MCU will facilitate the simultaneous execution of heterogeneous powertrain applications with guaranteed spatial and temporal isolation. A common problem in virtualizing the MCU is the sharing of peripherals, which are comparatively scarce.

Abstract The innovations of vehicle connectivity have been increasing dramatically to enhance the safety and user experience of driving, while the rising numbers of interfaces to the external world also bring security threats to vehicles. Many security countermeasures have been proposed and discussed to protect the systems and services against attacks. To provide an overview of the current states in this research field, we conducted a systematic mapping study (SMS) on the topic area “security countermeasures of in-vehicle communication systems.” A total of 279 papers are identified based on the defined study identification strategy and criteria. We discussed four research questions (RQs) related to the security countermeasures, validation methods, publication patterns, and research trends and gaps based on the extracted and classified data. Finally, we evaluated the validity threats and the whole mapping process.