Transcript Security concept
Sigyn II 2009-2012
software in global yielding networks
Issuer: Anna Karin Anckar AKARLS13, Brand & Insights, PowerPoint Guidelines, Security Class: Proprietary, Date created: 2012-03-12
Project organization & partners
Academy & Administration SOTA 1 SADD 2 TACTA 3 CIRA 4
1. SOTA: Security cOncept and IT Architecture
2. SADD: Safety Analysis and concept for Diagnostics and software Download
3. TACTA: TrAffic Control and Test car mAnagement
4. CIRA: Connected car Impact on Repair shops and After sales
* Know it left the project in Q4 2010
Intentions & objectives
Intentions are to study / Basic objectives are to
• Connected vehicles with services like remote diagnostics, measurement and software download
• Test car status and traffic monitoring/controlling
• Add safety, robustness and security to the remote services
• Develop a scalable IT architecture to handle a large vehicle population increasing over time
• Security and safety concepts for connected vehicles and Security analysis at academies
• Requirement on future vehicle architecture
• Evaluate IT architecture, remote diagnostics, measurement and software download
Results remote services
Asynchronous remote services
R&D Work shop
• Remote SWDL
• Remote Diagnostic parameter settings
• Remote data measurement
• Vehicle state of health
Synchronous remote services
• Remote online Diagnostics
• Wireless Diagnostics & SWDL
Results security
Security implications
• Resource constraints of the ECU.
• Limited room for extra cost; security solutions must be very cost efficient.
• Lifetime of the solution; the vehicle may be in use for 10-15 years.
Security concept
• Reliance on cryptography and hardware security modules to establish trust.
• Communication security solutions with strong authentication.
• Application of defense in depth concepts.
Results safety
Safety implications
• Previously the diagnostic client was always physically attached to the vehicle via the OBD connector and was detached before the vehicle left the workshop.
• The diagnostic client will be built into the vehicle (thus never detached).
• There will be occasions when the workshop mechanic has no visual overview of the vehicle when performing remote diagnostics.
Safety concept
• Involvement and reliance upon the vehicle user
• Vehicle must verify certain conditions
• The application of requirements is location dependent (road side/workshop)
Publications
“Security Concerns in Communication with the Connected Car using DoIP”. P. Kleberger, A. Javaheri, V. Izosimov, and H. Broberg. In: Electronic Systems for Motor Vehicles. VDI Berichte 2132. ISBN: 978-3-18-092132-7. Baden-Baden, Germany, Oct. 2011, pp. 245-254 (nominated for best paper at the conference).
“A Framework for Assessing the Security of the Connected Car Infrastructure”. P. Kleberger, A. Javaheri, T. Olovsson, and E. Jonsson. In: Proceedings of the Sixth International Conference on Systems and Networks Communications (ICSNC 2011). IARIA. Barcelona, Spain, Oct. 2011, pp. 236-241.
“Security Aspects of the In-Vehicle Network in the Connected Car”. P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the 2011 IEEE Intelligent Vehicles Symposium (IV). Baden-Baden, Germany: IEEE, June 2011, pp. 528-533. doi: IVS.2011.5940525.
“An In-Depth Analysis of the Security of the Connected Repair Shop”. P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the Seventh International Conference on Systems and Networks Communications (ICSNC 2012). IARIA. Lisbon, Portugal, Nov. 2012, pp. 99-107.
“Remote vehicle diagnostics over the Internet using the DoIP protocol”. M. Johanson, P. Dahle and A. Söderberg. 6th International Conference on Systems and Network Communications, ICSNC 2011, Barcelona, Spain, October 23-29, 2011.
“A Structured Approach to Securing the Connected Car”. P. Kleberger. Thesis for degree of Licentiate of engineering. Technical report at Department of Computer science and engineering, no 99L, ISSN 1652-876X.
The sigyn journey
[Timeline figure, 2005-2012: SIGYN II, Pre study, SIGYN, LOKE]
Project significance
• Functionality introduction in SPA
• Volvo Technology award winner 2012
SIGYN II Continuation
[Timeline figure, 2012-2016]
• FFI Security Framework (SeFram)
• FFI Remote Data Collection & Visualization (RDCV)
• FFI Big Automotive Data (BAuD)
Thanks for your attention!
Anna Sundalen Volvo Cars