Security Threats and Countermeasures for Connected Vehicles

Sammanfattning: With the rapid development of connected vehicles, automotive security has become one of the most important topics. To study how to protect the security of vehicle communication, we analyze potential threats for connected vehicles and discuss countermeasures to mitigate these threats. In this thesis, we examine 25 services that connected vehicles can provide. Entities, connections, and message flows in these services are investigated and synthesized into a vehicle network structure. The 25 services are divided into six use cases including: infotainment service, remote monitoring, device control, Vehicle-toeverything (V2X), diagnostics service, and in-vehicle Intrusion Detection System (IDS). We establish communication models for these use cases and analyze the potential threats based on Confidentiality, Integrity and Availability (CIA) criteria. We discuss possible countermeasures that can mitigate these threats based on existing network security techniques. Each alternative countermeasure’s advantages and limitations are presented. To filter possible attacks, we investigate and design firewalls in four components of a vehicle: Dedicated Short-Range Communications (DSRC) module, gateway, Telematic Control Unit (TCU), and Human-Machine Interface (HMI). We also simulate a firewall for an HMI application by building a communication model in Python.