Abstract
In the last decade, the automotive industry incorporated multiple electronic components into vehicles introducing various capabilities for adversaries to generate diverse types of attacks. In comparison to older types of vehicles, where the biggest concern was physical security, modern vehicles might be targeted remotely. As a result, multiple attack vectors aiming to disrupt different vehicle components emerged. Research and practice lack a comprehensive attack taxonomy for the automotive domain. In this regard, we conduct a systematic literature study, wherein 48 different attacks were identified and classified according to the proposed taxonomy of attack mechanisms. The taxonomy can be utilized by penetration testers in the automotive domain as well as to develop more sophisticated attacks by chaining multiple attack vectors together. In addition, we classify the identified attack vectors based on the following five dimensions: (1) AUTOSAR layers, (2) attack domains, (3) information security principles, (4) attack surfaces, and (5) attacker profile. The results indicate that the most applied attack vectors identified in literature are GPS spoofing, message injection, node impersonation, sybil, and wormhole attack, which are mostly applied to application and services layers of the AUTOSAR architecture.
Highlights
Due to the openness and interconnectedness of modern embedded systems, various security issues arise [1]
We systematically developed a taxonomy of attack mechanisms under which we classified the identified attack vectors according to the multi-level dimensions
The results suggest that the taxonomy can assist analysis and design of embedded systems during the system development lifecycle
Summary
Due to the openness and interconnectedness of modern embedded systems, various security issues arise [1]. Attackers try to exploit these vulnerabilities, which can result in numerous consequences such as financial loss, sabotage or an accident with a fatal outcome. An example of such systems are modern vehicles, which communicate with multiple devices such as traffic lights (V2I) or other vehicles (V2V). The automotive industry focused on addressing functionality and safety as pects of a vehicle [2]. The physical security represented the biggest concern. Modern vehicles are highly connected sys tems wherein security is becoming an important subject [3]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
