1 / 40

A Review of the Above Document By: Robert James

Cyber Threats Facing Autonomous and Connected Vehicles: Future Challenges Simon Parkinson, Paul Ward, Kyle Wilson, and Jonathon Miller. A Review of the Above Document By: Robert James. Introduction.

shawno
Download Presentation

A Review of the Above Document By: Robert James

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Threats Facing Autonomous and Connected Vehicles: Future ChallengesSimon Parkinson, Paul Ward, Kyle Wilson, and Jonathon Miller A Review of the Above Document By: Robert James

  2. Introduction “Connected and Autonomous Vehicles (CAVs) incorporate many different technologies to enable driverless, safe, and efficient transportation. Connection mechanisms support communication between vehicles and infrastructure, sharing of data such as position, and speed of movement, etc.”

  3. Introduction “The development and commercial release of Connected and Autonomous Vehicles (CAVs) is largely driven by the desire to produce quicker, more reliable and and safer vehicles and more robust and resilient transportation infrastructure. Developing increasingly autonomous and connected vehicles inevitably requires an increase in computing resources.”

  4. Introduction Currently there is considerable effort spent on identifying: • Vulnerabilities • Mitigation techniques • Potential impact

  5. Red Ink Anyone? “The aim of the present research was to review the research on CAV related cyber security vulnerabilities and mitigation techniques, provide an overview of past and current research efforts, and to collate this research in to key areas of activity. The aim of this paper is to identify knowledge gaps that can subsequently be used to motivate a future a roadmap to addressing the cyber security related challenges. The paper is structured as follows: the following section provides and in-depth analysis of publicly available literature to identify cyber security related knowledge gaps.”

  6. Literature Survey • Factors that motivated the authors work: • CAV technology is not mature. • Supply chain for vehicle parts makes use of a wide range of technologies. • Auto manufactures outsource a considerable amount of activity

  7. Presentation Flow Slide 1. A. The Vehicle • Low-Level Sensors • GPS • Inertia Sensors • Tyre (Tire) Pressure Monitoring System (TPMS) • Light Detection And Ranging (LiDAR) • Camera and Infrared • Vehicle Control Units • Engine Control Units (ECDs)

  8. Presentation Flow Slide 2. B. Human Aspects • Privacy • Behavioral Aspects C. Connection Infrastructure • Attack Types • Physical Access Vulnerabilities • Close Proximity Vulnerabilities • Remote Access Vulnerabilities

  9. Categorized Research Groups

  10. GPS • Spoofing • Jamming

  11. GPSIllustration of a GPS Spoofing Attack

  12. GPSJamming • Drown out the GPS receiver with noise • GPS Jamming devices readily available

  13. GPSProposed Technique for PreventingJamming and Spoofing • Use secondary measurement systems (GLONASS, BeiDou, Galileo, NAVIC) to monitor GPS signals for attacks.

  14. Inertia Sensors Inertial Measurement units used to provide data for: • Velocity • Acceleration • Orientation

  15. Inertia Sensors • CarShark • https://jalopnik.com/5539181/carshark-software-lets-you-hack-into-control-and-kill-any-car • https://www.popsci.com/cars/article/2010-05/researchers-hack-car-computers-shutting-down-brakes-engine-and-more

  16. Inertia SensorsMitigation of Attacks Proposed techniques: • Encryption • Monitor sensor signal. • Additional sensors.

  17. Engine Control Units • Regulate engine activity

  18. Engine Control UnitsMitigation of Attacks • Encryption • https://warwick.ac.uk/fac/sci/eng/staff/saf/publications/date2015-mundhenk.pdf

  19. Tyre (Tire)-Pressure Monitor Systems(TPMS) • Small device located on the valve of each tire. • Required in USA for all vehicles manufactured from 2007 on.

  20. Light Detection and Ranging(LiDAR) • Generate map of vehicle’s environment. • Localization • Obstacle Avoidance • Navigation

  21. LiDARIllustration of the Basics

  22. LiDARAttacks • Susceptible to jamming, spoofing, and deceiving

  23. LiDARAttack Mitigation • Multiple Wavelengths • CAV-to-CAV image sharing • Random probing

  24. Camera and Infrared Systems • Obstacle detection • Object recognition

  25. Camera and Infrared SystemsAttacks • Directed light • (natural or man made, intentional or unintentional)

  26. Camera and Infrared SystemsAttack Mitigation • Additional cameras • Filters

  27. Engine Control Units (ECU) • Powertrain • Safety Systems • Body Control • Data Communication

  28. Engine Control Units (ECU)Key ECUs within a CAVThe following list, while not exhaustive, provides a level of importance in descending order. • Navigation control module (NCM) • Engine control module (ECM) • Electronic brake control module (EBCM) • Transmission control module (TCM) • Telematics module with remote commanding • Body control module (BCM) • Inflatable restraint module (IRM) • Vehicle vision system (VVS) • Remote door lock receiver • Heating, ventilation, and air conditioning (HVAC) • Instrument panel module • Radio and entertainment centre

  29. Engine Control Units (ECU)Sample Exploits • http://www.nationaldefensemagazine.org/articles/2015/5/1/2015may-researchers-hack-into-driverless-car-system-take-control-of-vehicle • https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ • C. Vallance, Car Hack Uses Digital Radio Broadcast to Seize Control. https://www.bbc.com/news/technology-33622298 • Comprehensive Experimental Analyses of Automotive Attack Surfaces http://www.autosec.org/pubs/cars-usenixsec2011.pdf

  30. Engine Control Units (ECU)Exploit Mitigation • Intrusion detection systems • Message Authentication Codes (MAC) • Author’s believe asymmetric encryption is the way to go.

  31. Privacy Concerns • As with social internet sites it is possible that personal data from CAVs can be gathered and used…

  32. Behavioral Aspects • How is a CAV to interact with human operator (of unknown technical expertise) in the event of system malfunction or intrusion detection?

  33. CAV Connectivity to External Objects • Vehicle-to-Vehicle (V2V) • Vehicle-to-Infrastructure (V2I) • Vehicle-to-Internet Enabled Device (V2X)

  34. CAV Connectivity IssuesAttack Types • Password and Key Attacks • Denial of Service • Network Protocol Attacks • Phishing • Rogue Updates

  35. CAV Connectivity IssuesPhysical Access • On-Board Diagnostic Port • Media Systems

  36. CAV Connectivity Issues Close Proximity Vulnerabilities • Bluetooth • Keyless Entry and Ignition Systems https://www.engadget.com/2018/10/22/tesla-model-s-theft-keyfob-hack/ • Signal Jamming for Connected Devices

  37. CAV Connectivity Issues Remote Access Vulnerabilities • Radio (GPS, Digital Radio, Radio Data System, Traffic Message Channels) • Cellular and Internet-Enabled Exploits

  38. Summary of Gaps in Knowledge and Their Potential Impact – Part 1

  39. Summary of Gaps in Knowledge and Their Potential Impact – Part 2

  40. The End

More Related