Applied Automotive Security

Applied Automotive Security
Secure Integration of Mobile Devices for novel Automotive Services

Roman Kochanek, Ruhr University in Bochum

DEI - PT1 Room
December 21st, 2011
10.15 - 11.00 a.m.

Abstract:

In the past years the automotive sector has rapidly developed new technologies, which facilitate the communication between a vehicle and its environment. The previously closed in-vehicle network opens its capabilities for technologies such as the Internet or the car-to-x communication. Hence, the implementation of these new technologies within the vehicle leads to the need for information security like securing the communication to other entities or vehicles as well as preventing a wide range of already known attacks against the in-vehicle network [1].
Based on the previous talk about automotive security, which took place at DEI on 16/09/2011, follow up presentation provides a deeper look into the deployment of modern cryptographic mechanisms for securing novel automotive services. To evaluate the security requirements of the [2] automotive project developed by the MOVE research group [3] at DEI, the talk briefly introduces the characteristics and entities of the project including its use cases. The results of the evaluation as well as common types of security attacks serve as a basis for defining the attack surface of the current implementation. To mitigate the drawbacks on information security, we used modern cryptographic schemes like the Elliptic Curve Cryptography [4] (ECC) and the Advanced Encryption Standard [5] (AES) and implemented them on different embedded system architectures. This theoretical background illustrates the challenges for applying the developed approaches on a real-world automotive project. The talk concludes with a live demonstrat ion of the implemented security countermeasures.

Speaker:
Roman Kochanek is a student of IT-Security at the Ruhr University in Bochum and currently participating in a European Exchange Program for Systems Security Researcher (www.syssec-project.eu) at the Politecnico di Milano. Currently he is working on his diploma thesis about secure mobile device integration for next generation automotive services in cooperation with the industry.

References:
[1] http://www.autosec.org/
[2] “Automatic management of autonomy for electric vehicles”, http://move.dei.polimi.it/projects.html
[3] http://move.dei.polimi.it
[4] http://en.wikipedia.org/wiki/Elliptic_curve_cryptography
[5] http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Contacts:
Federico Maggi

Research area:
Systems architectures