Abstract
An upcoming trend for automotive manufacturers is to perform remote diagnostics and firmware updates over the air, which allows identifying hardware problems and correction of software flaws with minimal customer inconvenience. These procedures require that the previously isolated in-vehicle network permits external communication, which introduces a number of security risks, e.g., cyber attack threats. In this paper, we identify cyber attack threats and classify the electronic control units (ECUs) in the in-vehicle network to assist in determining which ones to protect and restrict access to. We divide the ECUs into five categories: powertrain, vehicle safety, comfort, infotainment, and telematics. We then use four safety integrity levels to classify the ECU categories. Moreover, we define safety effect levels of security threats which are used to classify identified attacks in the remote diagnostics and firmware updates over the air procedures. The safety and security levels are combined to classify the ECU categories. From the results we conclude that ECU categories such as powertrain and vehicle safety require further protection prior to introducing remote connectivity. As a conclusion, we suggest that automotive manufacturers should emphasize security or restrict the remote diagnostics and firmware updates over the air procedures to certain ECUs.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
