Security concept


Sigyn II 2009-2012

software in global yielding networks

Issuer: Anna Karin Anckar AKARLS13, Brand & Insights, PowerPoint Guidelines, Security Class: Proprietary. Date created: 2012-03-12

Project organization & partners

Academy & Administration SOTA 1 SADD 2 TACTA 3 CIRA 4

*

1. SOTA: Security cOncept and IT Architecture

2. SADD: Safety Analysis and concept for Diagnostics and software Download

3. TACTA: TrAfic Control and Test car mAnagement

4. CIRA: Connected car Impact on Repair shops and After sales

* Know it left the project in Q4 2010

Intentions & objectives

Intentions are to study

• Connected vehicles with services like remote diagnostics, measurement and software download

• Test car status and traffic monitoring/controlling

• Security and safety concepts for connected vehicles and security analysis at academies

• Requirement on future vehicle architecture

Basic objectives are to

• Add safety, robustness and security to the remote services

• Develop a scalable IT architecture to handle a large vehicle population increasing over time

• Evaluate IT architecture, remote diagnostics, measurement and software download

Results remote services

Asynchronous remote services

R&D Work shop

• Remote SWDL

• Remote Diagnostic parameter settings

• Remote data measurement

• Vehicle state of health

Synchronous remote services

• Remote online Diagnostics

• Wireless Diagnostics & SWDL

Results security

Security implications

• Resource constraints of the ECU.

• Limited room for extra cost: security solutions must be very cost efficient.

• Lifetime of the solution: the vehicle may be in use for 10-15 years.

Security concept

• Reliance on cryptography and hardware security modules to establish trust.

• Communication security solutions with strong authentication.

• Application of defense in depth concepts.

Results safety

Safety implications

• Previously the diagnostic client was always physically attached to the vehicle via the OBD connector and was detached before the vehicle left the workshop.

• The diagnostic client will be built into the vehicle (thus never detached).

• There will be occasions when the workshop mechanic has no visual overview of the vehicle when performing remote diagnostics.

Safety concept

• Involvement and reliance upon the vehicle user

• Vehicle must verify certain conditions

• The application of requirements is location dependent (road side/workshop)

Publications

“Security Concerns in Communication with the Connected Car using DoIP”. P. Kleberger, A. Javaheri, V. Izosimov, and H. Broberg. In: Electronic Systems for Motor Vehicles. VDI Berichte 2132. ISBN: 978-3-18-092132-7. Baden-Baden, Germany, Oct. 2011, pp. 245-254 (nominated for best paper at the conference).

“A Framework for Assessing the Security of the Connected Car Infrastructure”. P. Kleberger, A. Javaheri, T. Olovsson, and E. Jonsson. In: Proceedings of the Sixth International Conference on Systems and Networks Communications (ICSNC 2011). IARIA. Barcelona, Spain, Oct. 2011, pp. 236-241.

“Security Aspects of the In-Vehicle Network in the Connected Car”. P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the 2011 IEEE Intelligent Vehicles Symposium (IV). Baden-Baden, Germany: IEEE, June 2011, pp. 528-533. doi: IVS.2011.5940525.

“An In-Depth Analysis of the Security of the Connected Repair Shop”. P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the Seventh International Conference on Systems and Networks Communications (ICSNC 2012). IARIA. Lisbon, Portugal, Nov. 2012, pp. 99-107.

“Remote vehicle diagnostics over the Internet using the DoIP protocol”. M. Johanson, P. Dahle, and A. Söderberg. 6th International Conference on Systems and Network Communications, ICSNC 2011, Barcelona, Spain, October 23-29, 2011.

“A Structured Approach to Securing the Connected Car”. P. Kleberger. Thesis for degree of Licentiate of engineering. Technical report at Department of Computer science and engineering, no 99L, ISSN 1652-876X.


The Sigyn journey

[Timeline figure, 2005-2012. Labels: SIGYN II, Pre study, SIGYN, LOKE]

Project significance

• Functionality introduction in SPA

• Volvo Technology award winner 2012

SIGYN II Continuation

[Timeline figure, 2012-2016]

• FFI Security Framework (SeFram)

• FFI Remote Data Collection & Visualization (RDCV)

• FFI Big Automotive Data (BAuD)

Thanks for your attention!

Anna Sundalen Volvo Cars
