The automotive industry is experiencing a serious transformation due to a digitalisation process and the transition to the new paradigm of Mobility-As-A-Service. The next-generation vehicles are going to be very complex cyber-physical systems, whose design must be reinvented to fulfil the increasing demand of smart services, both for safety and entertainment purposes, causing the manufacturers' model to converge towards that of IT companies. Connected cars and autonomous driving are the preeminent factors that drive along this route, and they cause the necessity of a new design to address the emerging cybersecurity issues: The 'old' automotive architecture relied on a single closed network, with no external communications; modern vehicles are going to be always connected indeed, which means the attack surface will be much more extended. The result is the need for a paradigm shift towards a secure-by-design approach. In this paper, we propose a systematisation of knowledge about the core cybersecurity aspects to consider when designing a modern car. The major focus is pointed on the in-vehicle network, including its requirements, the current most used protocols and their vulnerabilities. Moreover, starting from the attackers' goals and strategies, we outline the proposed solutions and the main projects towards secure architectures. In this way, we aim to provide the foundations for more targeted analyses about the security impact of autonomous driving and connected cars.

Automotive cybersecurity: Foundations for next-generation vehicles

Scalas M.
Primo
;
Giacinto G.
Ultimo
2019-01-01

Abstract

The automotive industry is experiencing a serious transformation due to a digitalisation process and the transition to the new paradigm of Mobility-As-A-Service. The next-generation vehicles are going to be very complex cyber-physical systems, whose design must be reinvented to fulfil the increasing demand of smart services, both for safety and entertainment purposes, causing the manufacturers' model to converge towards that of IT companies. Connected cars and autonomous driving are the preeminent factors that drive along this route, and they cause the necessity of a new design to address the emerging cybersecurity issues: The 'old' automotive architecture relied on a single closed network, with no external communications; modern vehicles are going to be always connected indeed, which means the attack surface will be much more extended. The result is the need for a paradigm shift towards a secure-by-design approach. In this paper, we propose a systematisation of knowledge about the core cybersecurity aspects to consider when designing a modern car. The major focus is pointed on the in-vehicle network, including its requirements, the current most used protocols and their vulnerabilities. Moreover, starting from the attackers' goals and strategies, we outline the proposed solutions and the main projects towards secure architectures. In this way, we aim to provide the foundations for more targeted analyses about the security impact of autonomous driving and connected cars.
2019
978-1-7281-2882-5
Automotive; Autonomous Driving; Connected Cars; Cybersecurity; Mobility
File in questo prodotto:
File Dimensione Formato  
08923077.pdf

Solo gestori archivio

Descrizione: File PDF disponibile nella digital library IEEE
Tipologia: versione editoriale (VoR)
Dimensione 1.23 MB
Formato Adobe PDF
1.23 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11584/292609
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 19
  • ???jsp.display-item.citation.isi??? 15
social impact