Security concept

Sigyn II 2009-2012: software in global yielding networks
Issuer: Anna Karin Anckar AKARLS13, Brand & Insights, PowerPoint Guidelines, Security Class: Proprietary
Date created: 2012-03-12
Project organization & partners
Academy & Administration
Work packages: SOTA (1), SADD (2), TACTA (3), CIRA (4); one partner marked * below
1. SOTA: Security cOncept and IT Architecture
2. SADD: Safety Analysis and concept for Diagnostics and software Download
3. TACTA: TrAffic Control and Test car mAnagement
4. CIRA: Connected car Impact on Repair shops and After sales
* Know it left the project in Q4 2010
Intentions & objectives
Intentions are to study:
• Connected vehicles with services like remote diagnostics, measurement and software download
• Test car status and traffic monitoring/controlling
• Security and safety concepts for connected vehicles, and security analysis at academies
• Requirements on the future vehicle architecture
Basic objectives are to:
• Add safety, robustness and security to the remote services
• Develop a scalable IT architecture to handle a large vehicle population increasing over time
• Evaluate the IT architecture, remote diagnostics, measurement and software download
Results: remote services
Service types: asynchronous remote services and synchronous remote services, used by R&D and by the workshop.
• Remote SWDL (software download)
• Vehicle state of health
• Remote diagnostic parameter settings
• Remote data measurement
• Remote online diagnostics
• Wireless diagnostics & SWDL
Results: security
Security implications
• Resource constraints of the ECU.
• Limited possibilities of extra cost; security solutions must be very cost efficient.
• Lifetime of the solution: the vehicle may be in use for 10-15 years.
Security concept
• Reliance on cryptography and hardware security modules to establish trust.
• Communication security solutions with strong authentication.
• Application of defense in depth concepts.
Results: safety
Safety implications
• Previously the diagnostic client was always physically attached to the vehicle via the OBD connector and was detached before the vehicle left the workshop.
• The diagnostic client will be built into the vehicle (thus never detached).
• There will be occasions when the workshop mechanic has no visual overview of the vehicle when performing remote diagnostics.
Safety concept
• Involvement of, and reliance upon, the vehicle user.
• The vehicle must verify certain conditions.
• The application of requirements is location dependent (roadside/workshop).
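The two results slides above (security: strong authentication on a resource-constrained ECU; safety: the vehicle verifying conditions that depend on location and on the user) fit together in one request-handling path. The block below is an added illustration, not code from the Sigyn II project: it authenticates a remote diagnostic request with a truncated HMAC and a monotonic counter, and only then applies a location-dependent safety precondition table. The message layout, the service ids, the precondition rules and the key are constructed assumptions for the example.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

TAG_LEN = 8                     # truncated HMAC-SHA256 tag: saves bus bandwidth on the ECU
HEADER = struct.Struct(">IB")   # 32-bit monotonic counter || 8-bit service id (assumed layout)

# Constructed pre-shared key for this example; a real ECU would keep it in the HSM.
EXAMPLE_KEY = hashlib.sha256(b"constructed example key, not a real secret").digest()

# Hypothetical service ids (not taken from the Sigyn material).
SVC_READ_DTC = 0x01    # read diagnostic trouble codes (read-only)
SVC_SET_PARAM = 0x02   # change a diagnostic parameter
SVC_SWDL = 0x03        # software download


@dataclass
class VehicleState:
    speed_kmh: float
    parking_brake: bool
    user_confirmed: bool   # driver acknowledged the session on the vehicle HMI
    location: str          # "workshop" or "roadside"


# Location-dependent preconditions (illustrative assumption): the same service
# needs more verified vehicle conditions at the roadside than in a workshop, and
# some services are never permitted outside the workshop (value None).
PRECONDITIONS = {
    ("workshop", SVC_READ_DTC): (),
    ("workshop", SVC_SET_PARAM): ("stationary",),
    ("workshop", SVC_SWDL): ("stationary", "parking_brake"),
    ("roadside", SVC_READ_DTC): ("user_confirmed",),
    ("roadside", SVC_SET_PARAM): ("stationary", "parking_brake", "user_confirmed"),
    ("roadside", SVC_SWDL): None,
}

CONDITION_CHECKS = {
    "stationary": lambda s: s.speed_kmh == 0,
    "parking_brake": lambda s: s.parking_brake,
    "user_confirmed": lambda s: s.user_confirmed,
}


def build_request(key: bytes, counter: int, service: int, payload: bytes = b"") -> bytes:
    """Diagnostic client side: header || payload || truncated HMAC over both."""
    body = HEADER.pack(counter, service) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


@dataclass
class Ecu:
    key: bytes
    last_counter: int = 0   # highest authenticated counter seen; persisted in NVM on a real ECU

    def handle(self, request: bytes, state: VehicleState) -> str:
        """Return 'accepted' or 'rejected: <reason>' for one remote diagnostic request."""
        if len(request) < HEADER.size + TAG_LEN:
            return "rejected: malformed"
        body, tag = request[:-TAG_LEN], request[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        # Authenticate first: unauthenticated traffic never reaches the safety logic.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        counter, service = HEADER.unpack_from(body)
        if counter <= self.last_counter:
            return "rejected: replay"
        # Advance the window as soon as the message is known genuine, so a request that
        # is refused now on safety grounds cannot be replayed later when conditions differ.
        self.last_counter = counter
        rule = (state.location, service)
        if rule not in PRECONDITIONS:
            return "rejected: no rule for service at location"
        required = PRECONDITIONS[rule]
        if required is None:
            return f"rejected: service not permitted at {state.location}"
        for name in required:
            if not CONDITION_CHECKS[name](state):
                return f"rejected: unmet condition {name}"
        return "accepted"


if __name__ == "__main__":
    ecu = Ecu(EXAMPLE_KEY)
    parked_roadside = VehicleState(0.0, True, True, "roadside")
    print(ecu.handle(build_request(EXAMPLE_KEY, 1, SVC_SWDL), parked_roadside))
    print(ecu.handle(build_request(EXAMPLE_KEY, 2, SVC_READ_DTC), parked_roadside))
```

The ordering is the point of the example: integrity and freshness are checked before any vehicle state is consulted, the counter is advanced on every genuine message rather than only on accepted ones, and the safety table is data rather than scattered conditionals, so the roadside/workshop distinction from the slide can be reviewed in one place.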
Publications
"Security Concerns in Communication with the Connected Car using DoIP". P. Kleberger, A. Javaheri, V. Izosimov, and H. Broberg. In: Electronic Systems for Motor Vehicles. VDI-Berichte 2132. ISBN: 978-3-18-092132-7. Baden-Baden, Germany, Oct. 2011, pp. 245-254 (nominated for best paper at the conference).
"A Framework for Assessing the Security of the Connected Car Infrastructure". P. Kleberger, A. Javaheri, T. Olovsson, and E. Jonsson. In: Proceedings of the Sixth International Conference on Systems and Networks Communications (ICSNC 2011). IARIA. Barcelona, Spain, Oct. 2011, pp. 236-241.
"Security Aspects of the In-Vehicle Network in the Connected Car". P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the 2011 IEEE Intelligent Vehicles Symposium (IV). Baden-Baden, Germany: IEEE, June 2011, pp. 528-533. doi: IVS.2011.5940525.
"An In-Depth Analysis of the Security of the Connected Repair Shop". P. Kleberger, T. Olovsson, and E. Jonsson. In: Proceedings of the Seventh International Conference on Systems and Networks Communications (ICSNC 2012). IARIA. Lisbon, Portugal, Nov. 2012, pp. 99-107.
"Remote vehicle diagnostics over the Internet using the DoIP protocol". M. Johanson, P. Dahle and A. Söderberg. In: 6th International Conference on Systems and Network Communications (ICSNC 2011). Barcelona, Spain, October 23-29, 2011.
"A Structured Approach to Securing the Connected Car". P. Kleberger. Thesis for the degree of Licentiate of Engineering. Technical report, Department of Computer Science and Engineering, no. 99L, ISSN 1652-876X.
The Sigyn journey
Timeline 2005-2012 covering LOKE, SIGYN, a pre-study and SIGYN II.
Project significance
• Functionality introduction in SPA
• Volvo Technology Award winner 2012
SIGYN II continuation (2012-2016)
• FFI Security Framework (SeFram)
• FFI Remote Data Collection & Visualization (RDCV)
• FFI Big Automotive Data (BAuD)
Thanks for your attention!
Anna Sundalen
Volvo Cars