Autonomous Vehicles - KPIT

Recommendations

Info

I. Introduction Connected vehicle is precursor for autonomous vehicle to communicate in real time with other vehicles and infrastructure. M o d e r n d a y a u t o m o b i l e s e m p l o y sophisticated communication mechanisms connecting multiple embedded computers over wired and wireless networks. Wireless connections could be vehicle-vehicle, vehicleinfrastructure or infrastructure-infrastructure. Hence modern automotive systems are subject to a much wider range of potential abuses by cyber criminals/hackers and hence security plays an important role in automotive systems. This article mainly focuses on the security threats in automotive systems, and the counter measures to safeguard the vehicle from potential attacks. We first start with a general introduction of Information Security followed by detailed discussion on Security in Automotive Systems. II. What is Information security? Information security is all about protecting the confidential information and its critical elements (such as software, hardware, network etc.) from unauthorized access, use and disclosure. The three key parts of information security are Confidentiality, Integrity and Availability. Moreover, maintaining these three elements is most important for an organization's well being. Confidentiality - Confidentiality is about protecting sensitive data of a company (such as financial figures, new product info, pricing etc.) or of an individual (such as credit card details, bank details etc.) from unauthorized access or disclosure. Information leak can lead to financial losses and other serious implications. Integrity - Data integrity refers to the prevention of confidential data from erroneous modifications, deletion and manipulations. Integrity involves security measures employed to ensure consistency, accuracy and trustworthiness of data over its entire life cycle. Security measures employed to assure data integrity include Data encryption, Data backup, access control, input validation, to prevent incorrect data entry. Availability - Availability is about making the information available to authorized users when it is needed. This involves protecting computing systems that store and process the information from malware and worms, protecting communication channels, preventing service disruptions due to power outages/hardware failures, protection systems from denial-of-service attacks. What is Information security breach? "A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an unauthorized person." – [6] Some examples of security breaches include: •Malicious attackers gaining unauthorized access to financial assets such as credit cards, bank details or personal information •Anonymous persons gaining physical a c c e s s t o c o m p a n y p r e m i s e s b y compromising the access system of the company •Redirecting customers to unknown sites hosting similar look and feel to gain access to their login credentials •Hackers gaining access to personal computers to install malware and viruses III. What is the Goal of an information security System? Figure 1: Hacker Attacking a Remote Computer The primary goal of information security system is to guarantee safety of information, prevent theft and loss of IT assets, ensuring business continuity and reduce business damage. A secure information system should have multiple layers of security in place, which shall include: A. Physical security Security measures designed to deny unauthorized access to equipments and resources, which includes locks, access control systems, etc. B. Logical security Software measures to safeguard system's r e s o u r c e s t h a t i n c l u d e s u s e r I D , authentication, biometrics and firewalls. C. Operations security This includes operation issues such as c h o o s i n g s t r o n g p a s s w o r d s , k e y management, secure data storage, etc. 48 TechTalk@<strong>KPIT</strong>, Volume 6, Issue 4, 2013
D. Communications security (COMSEC) Communications security involves measures taken to deny unauthorized interceptors from accessing and manipulating the data that flows over a communication channel. Communication channels can be secured with the help of techniques such as cryptography, digital signatures, Firewalls, Antivirus, Web Security, Email & Web Content Filtering Solution etc. E. Network security Network security involves securing a computer network infrastructure from unauthorized access, misuse or damage. A network administrator implements policies and procedures to prevent and monitor unauthorized access of a computer network from misuse, modifications or damage. Network security measures include deployment of firewalls, Anti-virus software, proxy servers, and Intrusion-detection systems IV. Security Threats Computer systems are vulnerable to many threats that can inflict significant losses. External threats can be from hackers, or from cyber criminals and internal threats can come from employees, consultants or partners from inside access to network. Some affect the confidentiality or integrity of data while others affect the availability of a system. Figure 2: Depicting Various Security Threats [7] V. Security Threats in Embedded Systems With advances in technology, modern day embedded devices are getting more sophisticated with most of them connected to wired and wireless networks. Security becomes a concern due to increased sensitive data being exchanged on the networks. Secure embedded systems are vulnerable to attacks, like physical tampering, malware, side-channel attacks. For example in an Access Control System an hacker can send signals to open the door, gain physical access through bypassing authentication, gain access to the secret keys used in communication, corrupt data by accessing the file systems, etc. In automotive systems, hackers can send signals to unlock the car, tamper flash data, monitor network traffic and send false messages. These concerns necessitate the use of security protocols and other security measures (securing communication channels using crypto mechanisms, digital signatures, lockout mechanism, tamper protection, etc) to protect the sensitive data from unauthorized spoofing or manipulation. Here are some examples of security threats that a system can be subjected to by an external agent: Denial of Service Attacks (DOS), Brute-Force: Lack of Lockout Mechanism, Multiple Persistent Cross Site Scripting (XSS) Vulnerabilities, Impersonation, Spoofing also called Man-inthe-middle attack, Phishing also called webpage spoofing, E-mail address spoofing, Eavesdropping, and Session Hijacking. VI. Security in Automotive Systems The modern automotive systems are more sophisticated and more connected than their traditional counterparts. With cars becoming more and more connected - to the Internet, to wireless networks, with each other (car-tocar), and with the infrastructure (car-to infrastructure) they are becoming more vulnerable than ever to attackers and hackers. With more exposure with wireless communications - such as on-board car navigation system, a telematics device connected to the Internet via smart phone chances of security threats have increased considerably. Lack of security mechanisms in current automotive networks makes security a top priority. Currently, there's nothing to stop anyone with malicious intent from taking command of your vehicle. A hacker after g a i n i n g a c c e s s t o t h e v e h i c l e network/software could control everything; from selecting songs to controlling the acceleration and brakes. The current automobiles are not designed to detect and prevent from gaining access to the whole CAN network, or to reject commands injected by a corrupt ECU. Therefore, security plays an important role in automotive systems because threats might not only cause nuisance and disclose sensitive data but also directly endangers the safety of passengers in the car. Here are some security threats and vulnerabilities in automotive systems: lInducing forged traffic into the CAN network by direct access to the bus, through On-board Diagnostics (OBD) port TechTalk@<strong>KPIT</strong>, Volume 6, Issue 4, 2013 549
Page 1 and 2: TechTalk@KPIT a quarterly journal o
Page 3 and 4: Contents Editorial Guest Editorial
Page 5 and 6: Dr. Vinay G. Vaidya CTO KPIT Techno
Page 7 and 8: Journey Without Driver About the Au
Page 9 and 10: A. Stanford Cart - The First Smart
Page 11 and 12: autonomous vehicles in 2004. The Gr
Page 13 and 14: obtained by laser range finder. The
Page 15 and 16: To Be or Not To Be... A Driver Abou
Page 17 and 18: When the autonomous vehicle complet
Page 19 and 20: ultrasonic sensors, etc. provide vi
Page 21 and 22: Scientist Profile Sebastian Thrun S
Page 23 and 24: Seeing Through Sensors About the Au
Page 25 and 26: Figure 1: A robotic Volkswagen Pass
Page 27 and 28: Figure 4: Infrared image of a stree
Page 29 and 30: Bringing Vision to Life About the A
Page 31 and 32: Radar needs an attention, there exi
Page 33 and 34: Sr. No. Table 1: List of patents fi
Page 35 and 36: Drive-By-Wire : A KPIT Case Study A
Page 37 and 38: the operational accuracy, it is har
Page 39 and 40: DRIVERS BRAKE HYDRAULIC MOTOR Manua
Page 41 and 42: Wired Through Wireless About the Au
Page 43 and 44: FORWARD OBSTACLE DETECTION AND AVOI
Page 45 and 46: Microcontroller Abstraction Layer (
Page 47 and 48: Autonomous Intelligent Vehicles Aut
Page 49: Inside Connected Vehicle About the
Page 53 and 54: security built-in from the very beg
Page 55 and 56: Gazing Through a Crystal Ball About
Page 57 and 58: Thus, from a passenger acceptance a
Page 59 and 60: About KPIT Technologies Limited KPI

Autonomous Vehicles - KPIT

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?