80 likes | 181 Views
Telematics and Digital Health. Allen Hobbs, Ph.D. Co-Chair HL7 Health Devices 01-17-13. Introduction. Modern automobiles are becoming increasingly computerized with many components partially or entirely controlled by computers and networked both internally and externally.
E N D
Telematics and Digital Health Allen Hobbs, Ph.D. Co-Chair HL7 Health Devices 01-17-13
Introduction • Modern automobiles are becoming increasingly computerized with many components partially or entirely controlled by computers and networked both internally and externally. • There are over 250 million registered passenger automobiles in the U.S.. Virtually all new automobiles are now computerized. • The architecture is based on significant advances in safety (e.g. anti-lock brakes), fuel efficiency, and convenience. • Increasing computerization also creates new risks to be addressed. • Recent research has been focused on helping people enjoy the benefits of a computerized architecture while providing strong assurance of safety, security and privacy.
Computerization also Creates New Risks • Recent research has been focused on helping people enjoy the benefits of a computerized architecture while providing strong assurance of safety, security and privacy. • Two papers exploring safety, security and privacy are worth noting here. • The first is the “Comprehensive Experimental Analysis of Automotive Attack Surfaces “ and the second is the “Experimental Security Analysis of a Modern Automobile” • Comprehensive Experimental Analysis of Automotive Attack Surfaces, USENIX Security Symposium, August 2011 • Experimental Security Analysis of a Modern Automotive, IEEE Symposium on Security and Privacy, May 2010
Conclusion • Authors of the experimental studies note that automobile owners should not be overly concerned about attacks to automotive architectures. • Rather, they focus squarely on addressing potential automotive security and privacy issues that future cars will have – with even more sophisticated computer control and broader wireless connectivity. • Security and privacy protections will need to be addressed for voice, data and location. • For example, experimental analysis of remote exploit controls has found that an attacker who has compromised a automobiles’ telematics unit can record data from the in-cabin microphone (normally reserved for hands free calling) and exfiltrate data over the connected IRC channel. • It is easy to capture the location of the automobile and track where a driver goes.
Autonomous Vehicles Autonomous EMS / Ambulance Telemetry
Guidelines for Smart Grid Cyber Security • Introduction to NISTIR 7628 • Guidelines for Smart Grid Cyber Security • Guidelines for Smart Grid Cyber Security: Vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements • Guidelines for Smart Grid Cyber Security: • Vol. 2, Privacy and the Smart Grid • Guidelines for Smart Grid Cyber Security: • Vol. 3, Supportive Analyses and References