This book explores the need for cyber security in automotive and what all the stakeholders e.g., Original Equipment Manufacturers (OEMs), users, security experts could do to fill the cyber security gaps. In particular, it looks at the security domain changes and how threat modelling and ethical hacking can help to secure modern vehicles. Furthermore, it examines the skills and tools that everyone who wants to work as automotive cyber security personal needs to be aware of, as well as how to think like an attacker and explore some advanced security methodologies. This book could serve very well as a text book for undergraduate (year 3) and postgraduate modules for automotive cyber security. The book is organized into six chapters excluding the introduction. A brief description of each of the chapters follows: Introduction highlights the importance of cyber security in modern vehicles by discussing critical security challenges that are faced by the automotive industry. Furthermore, some potential risks posed to modern vehicles are identified and discussed. Chapter 1: This chapter starts with the history and evolution of modern vehicles over the years. Then, various standards proposed by the automotive industry to build secure vehicles are discussed. The learning objectives of this chapter include: understanding the automation levels in vehicles by comparing different proposed models, and learning the automotive standards to understand the need for automotive cyber security. Chapter 2: This chapter establishes the automotive cyber security language. All the important concepts and definitions are provided in this chapter that are necessary to understand the overall security situation in modern vehicles. Furthermore, the famous Jeep Cheroke attack along with other case studies are discussed that forced automotive industry to take cyber security seriously. The learning objectives of this chapter include: critical awareness of the key theoretical concepts underpinning cyber security threats in automotive context, and understanding current security loop holes in vehicles using real world case studies. Chapter 3: The focus of this chapter is to study the most common in-vehicle networks e.g., Controller Area Network (CAN), Local Interconnect Network (LIN), FlexRay and media oriented system transportation (MOST). How these networks are connected and transmit data across electronic control units. Furthermore, an industrial tool named CANoe is explored to model the intended electronic control units and see how data transmission happens in the simulated environment. The learning objective of this chapter includes deep understanding of in-vehicle networks. Chapter 4: The most common vulnerabilities and potential attacks on the controller area network are discussed in this chapter. Then, a practical demonstration of attack is shown through simulated tools. The learning objectives of this chapter include: critical awareness of error handling techniques of controller area network & their exploitations, and how to do reverse engineering of the real data. Chapter 5: This chapter establishes threat modelling language in general and then focusing on automotive threat modelling. A new automotive threat modelling approach is proposed and used in this book. Through practical case studies the proposed approach is exemplified. Then, the attack trees are discussed in general and in the automotive context through examples. The learning objectives of this chapter include: deep understanding of core concepts of the structured approach to allow automotive cyber security threats to be modelled & classified, and how to do automotive threat modelling, and attack trees generation of automotive assets. Chapter 6: The last chapter discusses the vehicle perimeter security. Different proposals of firewalls, intrusion detection systems, and encryption in the automotive context are explored and discussed. The learning objectives of this chapter include: understanding core concepts of perimeter security in general and automotive, and evaluating current perimeter security measures in automotive.
|Number of pages||82|
|Publication status||Published - 2020|
- Automotive Cybersecurity
- Automotive Threat Modelling
- Vehicle Attacks
- Connected and Autonomous Vehicles
- in-vehicle network