LEss Injuries by making cars SecURE

Topic references

Written on 08.11.2019 11:06 by Daniel Frassinelli

Dear students,

we post the list of topic and references. Take a look at all documents to see what you think is fitting for you. The deadline to choose the topic will be Wednesday. Soon, we will also upload:

• A latex template, with some more details on what you need to write.
• A doodle to book the exam date.
• A doodle to vote your preferred topic.

In the meantime, a brief overview of what will be expected from you: For your chosen topic, you should analyse the related works we provide (which are a simple starting point) and find more yourself. The point of this work is to make a presentation and summary where you discuss such things:

• Summarise the topic and related works, and describe what is the current state of the art in the field (both in terms of technology and usage by OEMs).
• Perform an analysis of how such technologies could evolve in the future (i.e., how will automotive evolve in that aspect).
• Discuss how this will affect the customers (privacy? security? added costs? etc.), with a particular focus on the persona(s) you define. This can be done by providing a few concrete use-cases.
• Based on your use-cases, discuss the possible solution(s). Please, consider everything, from the life-time of the vehicle to the fact the OEMs need to recall possibly hundreds of thousands of cars if the solution doesn't work and cannot be remotely fixed! How would it affect your persona(s)? Would your solution allow for new tech to be implemented on top? Is it backwards-compatible? Forward-compatible? Etc.

In short, the idea of this seminar is to put you in the perspective of an OEM. This means you are not allowed to solve somethings by saying 'we encrypt everything', 'we do not sell data', and so on so forth. You must consider the implication of your solution, the complexity of maintaining it over time, how it will adapt for future models, will customers care about it, etc. We hope this will give you insights into how complex is to innovate and propose solutions for the automotive industry. Also, you will probably notice how such industry is anything but agile and that is decades behind the current state-of-the-art technologies.

Shared references

These are reads that everyone should look at. Also, feel free to read documents and articles from the other subtopics, as they might still be correlated to yours.

• [Data Collection]. TELSA refutes a journalist claim by providing a detailed log on how he used the car. https://www.tesla.com/blog/most-peculiar-test-drive
• [Driving analysis]. Pay as you drive insurance, if you brake hard to avoid an accident, you pay more :D. https://www.insurethebox.com/telematics
• [TCU and remote control]. Renault battery lease agreement. They claim they will 'block' your battery if you stop paying the lease. This is true, as we previously reverse-engineered their TCU and found they can actually do it, and much more (tracking, remote control, check and log when you speed, etc.) http://myrenaultzoe.com/Docs/BatteryHireLeaseAgreement.pdf.
• [Automotive Security & Background] Funny guys that do a lot of car attacks. Provide a good background on ECUs, CAN, etc. http://illmatics.com/carhacking.html
• [Self-driving & accountability] UBER self-driving accident, whose fault is that? How you prove it? Judges can hardly interpret a CNN output, https://en.wikipedia.org/wiki/Death_of_Elaine_Herzberg
• [Automotive testing & accountability] 'We didn't know about the 'test-mode' in our ECUs.' How can certification authorities regulate vehicles? Often composed by 20 or so ECUs, each doing something unknown to the tester? https://www.cleanenergywire.org/factsheets/dieselgate-timeline-car-emissions-fraud-scandal-germany

Topic 1. Data collection and analysis in vehicles

In this topic, you will analyse technologies that actively log and possibly identify a driver (e.g., log when and how you drive), identification (e.g., can the car know when you are driving and feeling unwell? can this be applied to court?), advertisements (how long before we see custom advertisements on the head unit?), etc.

• "BMW provides evidence of precise telemetry data in verdict 113 kls 34/15" (Germany only, put deepL works) http://www.verkehrslexikon.de/Texte/Rspr8507.php
• Automotive section of https://link.springer.com/content/pdf/10.1007%2F978-3-642-04468-7.pdf
• http://www.autosec.org/pubs/fingerprint.pdf
• https://www.insurethebox.com/telematics
• https://www.moneysupermarket.com/car-insurance/telematics/

Topic 2. Self-driving & sensor fusion

This topic is concerned more with the future of mobility. Will cars be self-driving, if yes how? How do we judge who is at fault if it is a probabilistic algorithm making a decision? How do you prove it to a judge? What could go wrong? Can we attack sensors? Can we prevent attacks? If yes, how? At which cost?

• https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-zeng.pdf
• https://www.bloomberg.com/news/articles/2019-06-19/threat-of-gps-spoofing-for-autonomous-cars-seen-as-overblown
• http://openaccess.thecvf.com/content_ECCV_2018/papers/Jinkyu_Kim_Textual_Explanations_for_ECCV_2018_paper.pdf
• https://arxiv.org/pdf/1703.10631.pdf
• https://www.wired.com/story/teslas-latest-autopilot-death-looks-like-prior-crash/
• https://pdfs.semanticscholar.org/e06f/ef73f5bad0489bb033f490d41a046f61878a.pdf
• https://towardsdatascience.com/sensor-fusion-90135614fde6

Topic 3. Automotive Security

In this topic, you will analyse the current state of the art in automotive security, especially in-vehicle networks. As of currently, there is no security, but in the future? Components can be replaced, updated, and possibly connected to the Internet. How do we assure that an attacker doesn't gain remote control of your vehicle? How do we protect the communication between ECUs (remember, a 50ms delay on packets telling the car to brake is unacceptable). Similarly, ECUs are cost-driven embedded controllers, with limited RAM and CPU. How will this evolve? Is the current architecture and design sufficient?

• https://eprint.iacr.org/2010/332.pdf
• https://www.usenix.org/legacy/event/sec10/tech/full_papers/Rouf.pdf
• https://en.wikipedia.org/wiki/CAN_bus
• https://support.ixiacom.com/sites/default/files/resources/whitepaper/ixia-automotive-ethernet-primer-whitepaper_1.pdf
• https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_cho.pdf
• https://pdfs.semanticscholar.org/3b58/32db451b4afcfc1d75c0c346d6e1a47ff559.pdf

Topic 4. Telematic Control Unit, eCall, and connected dongles

In this topic, you will analyse TCUs and dongles (which are becoming increasingly used). They can be used for several things: from safety to data collection, remote control and debugging, update over the air etc. These devices will possibly revolutionise the automotive industry, as they will allow OEMs to (right now is not) securely push updates to 1) fix bugs, and 2) add features (e.g., TESLA). But many things could go wrong, especially as most of them have little to no security. How can we solve this?

• https://www.vwconnect.com/
• https://www.bbc.com/news/technology-31093065
• https://ec.europa.eu/transport/themes/its/road/action_plan/ecall_en
• https://www.tesla.com/support/tesla-app
• https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
• https://zubie.com/

Topic 5. Vehicle to infrastructure (V2I) and vehicle to vehicle (V2V) communication

It is definitely true that in the future of mobility, vehicles will be connected to everything. Assuming the two main technologies will be vehicle to vehicle (V2V) and vehicle to infrastructure (V2I), how this communication will happen? Via WLAN or mobile networks? With or without secure communication? What is the state of the art technologies? How all the OEMs manage or (plan) to implement them? Are there any standards? Can this be done security? What could go wrong? How can this affect security & privacy?

• https://www.kaspersky.com/blog/electric-cars-charging-problems/20652/
• https://en.wikipedia.org/wiki/Vehicular_ad-hoc_network
• https://www.researchgate.net/publication/258248007_Vehicular_ad-Hoc_networks_VANETs-An_overview_and_challenges
• https://en.wikipedia.org/wiki/Vehicle-to-everything
• https://www.counterpointresearch.com/125-million-connected-cars-shipments-2022-5g-cars-2020/
• https://media.daimler.com/marsMediaSite/en/instance/ko/Under-the-microscope-Innovative-Mercedes-me-connect-services-Parking-Finding-a-parking-space-made-easy.xhtml?oid=39904686

Topic 6. Vehicle testing, attestation & dynamic homologation

As of currently, cars are black-boxes which cannot be tested if not by the makers. This makes it very difficult for a third-party to verify claims. Also, it is currently impossible to re-configure them, as they would lose their homologation. The question is, how will this process evolve? Can it be made more open and streamlined? Can the community be involved in developing a road-legal vehicle? Can and how you prove to a third party that a vehicle is running the software you signed? How do you test your vehicle?

• Dieselgate – a timeline of Germany car emissions fraud scandal
• https://debugmo.de/2015/12/dieselgate/
• There are many limitations, a small example: https://www.feabhas.com/sites/default/files/2016-06/A quick guide to ISO 26262[1]_0_0.pdf
• Don't waste too much time here, just to give an idea: https://www.autosar.org/
• https://en.wikipedia.org/wiki/Trusted_Computing
• https://www.thedrive.com/tech/26679/why-havent-over-the-air-updates-taken-over-the-auto-industry
•