Investigating Security Vulnerabilities in Modern Vehicle Systems

Abstract

Modern vehicle systems have evolved from an isolated control system into an interconnected architecture combining software, hardware, and data. Such architecture is specialized into vehicle infotainment system (e.g., SYNC of Ford, iDrive of BMW and MMI of Audi), Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I), and vehicle social system which connects to social media networks. These systems hold private and sensitive information such as travel plans, social network messages, login credentials to bank accounts, and so on, which is a lucrative target for malicious attackers. Unfortunately, existing research overlooks the security issues with respect to this highly integrated system. This paper presents security issues across various systems related to modern vehicles through a a holistic and systematic view. We analyze each system components with respect to published attacks in details and present a synthesized body of knowledge. We identify the growing trend where security attacks are launched from the cyber space to vehicle control system via smartphones and vehicle networks. In the foreseeable future, we expect more security attacks both in numbers and in complexity. Knowing this will arise the awareness of vehicle system security and help engineers to build security solutions.