THEautomotive ecosystem has evolved through the years: vehiclesthat were previously merely mechanical have been equipped withmore and more electronic devices, and new paradigms such as Vehi-cle to Everything (V2X) and autonomous driving have risen to further pushthe implementation of information and communication technologies. Thebenefits carried by these new technologies in relation to comfort, safety, andconnectivity are, however, balanced by evident downsides in the context ofsecurity and privacy. Some of the challenges brought by the implementa-tion of these new technologies are, moreover, peculiar of this new automo-tive ecosystem and cannot be solved simply by reusing security measuresdesigned for other contexts. They require tailored solutions that have to bedesigned with comprehension of the new threat model and exploiting thecharacteristics of the new technologies.For this reason, this dissertation revolves around the comprehension ofthe peculiar elements of the automotive ecosystem and of the connectedvehicle, the analysis of the threat model and of the risks carried by the newtechnologies, and, once that has been analyzed, on the design of tools andcountermeasures that focus specifically on those peculiarities. We highlightthree peculiarities of the automotive ecosystem: the on-board networks andController Area Network (CAN), the cyber-physical properties of manydevices installed on the vehicles, and finally the new V2X environment andits players. For each of these elements, we design solutions tailored toits weaknesses and vulnerabilities, limiting the possibilities of a maliciousactor and increasing the overall security of the ecosystem.
Il mondo automobilistico è cambiato drasticamente nell’ ultimo ventennio: veicoli che una volta erano quasi unicamente meccanici sono ormai stati equipaggiati con svariati componenti elettronici. Inoltre, la nascita nuovi paradigmi come V2X e guida autonoma sta portando ad ulteriori sviluppi nell’implementazione di tecnologie di comunicazione e dell’informazione. Tuttavia, i benefici portati da questo sviluppo relativamente a comfort, sicurezza alla guida e connettività del veicolo sono bilanciati da una serie di svantaggi riguardanti privacy e sicurezza dell’informazione. Oltretutto, molte delle sfide derivanti dall’implementazione delle nuove tecnologie appena menzionate sono specifiche dell’ambito automobilistico e nascono da caratteristiche di questo ecosistema, e non è di conseguenza possibile risolverle semplicemente riutilizzando misure di sicurezza pensate per altri contesti. ́E necessario trovare soluzioni su misura per il contesto automobilistico, progettate con comprensione del nuovo modello di minaccia e sfruttando le caratteristiche e proprietà delle nuove tecnologie. ́E' a partire da queste considerazioni che strutturiamo questa tesi, prima concentrandoci sullo studio degli elementi caratteristici del nuovo ecosistema automobilistico, poi analizzando il modello di minaccia derivante dall’utilizzo di nuove tecnologie e infine, una volta conclusa quest’analisi, presentando misure di sicurezza studiate per adattarsi a queste nuove caratteristiche. Consideriamo tre caratteristiche peculiari dell’ecosistema automobilistico: le reti locali a bordo del veicolo e CAN, le proprietà cyber-fisiche di molte delle unità di controllo installate a bordo del veicolo, e infine il nuovo paradigma V2X e i suoi componenti. Per ciascuno di questi elementi progettiamo misure di sicurezza adatte a compensare le sue debolezze e vulnerabilità, limitando le possibilità di un aggressore e aumentando la sicurezza complessiva dell’ecosistema.
On the security of connected automotive systems
Longari, Stefano
2020/2021
Abstract
THEautomotive ecosystem has evolved through the years: vehiclesthat were previously merely mechanical have been equipped withmore and more electronic devices, and new paradigms such as Vehi-cle to Everything (V2X) and autonomous driving have risen to further pushthe implementation of information and communication technologies. Thebenefits carried by these new technologies in relation to comfort, safety, andconnectivity are, however, balanced by evident downsides in the context ofsecurity and privacy. Some of the challenges brought by the implementa-tion of these new technologies are, moreover, peculiar of this new automo-tive ecosystem and cannot be solved simply by reusing security measuresdesigned for other contexts. They require tailored solutions that have to bedesigned with comprehension of the new threat model and exploiting thecharacteristics of the new technologies.For this reason, this dissertation revolves around the comprehension ofthe peculiar elements of the automotive ecosystem and of the connectedvehicle, the analysis of the threat model and of the risks carried by the newtechnologies, and, once that has been analyzed, on the design of tools andcountermeasures that focus specifically on those peculiarities. We highlightthree peculiarities of the automotive ecosystem: the on-board networks andController Area Network (CAN), the cyber-physical properties of manydevices installed on the vehicles, and finally the new V2X environment andits players. For each of these elements, we design solutions tailored toits weaknesses and vulnerabilities, limiting the possibilities of a maliciousactor and increasing the overall security of the ecosystem.| File | Dimensione | Formato | |
|---|---|---|---|
|
phd_thesis_longari__final_form_.pdf
non accessibile
Descrizione: On the security of connected automotive systems - PhD Thesis of Stefano Longari
Dimensione
4.91 MB
Formato
Adobe PDF
|
4.91 MB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/177082