Exploring the Automotive Embedded Security

Abstract

Background
In the vehicle, there are many electronic components like ECUs (electronic control units) and also wireless components like infrared or UWB (ultra-wide band) - based remote car access, wireless charger, audio, lighting, and more. Additionally, many
external communications are happening in connected car technologies like over-the-air updates (OTA) through cellular mechanisms and other smart devices like roadside traffic lights, pedestrians, other smart vehicles, and more. With this many attack entry points also called attack vectors/surfaces arise and hence need to be secured.
Methods
To explore automotive security, firstly, will investigate the business impacts that occurred in the automotive industry majorly, which covers the significant part of this research. Second, the automotive security process for security quality measures during
the entire vehicle life cycle and third security concepts covering major security protections will be researched. Finally, major use cases with its assets to be protected will be covered in the form of item definition, a block diagram covering the assets, followed
by the assets threat analysis and risk assessment (TARA), and risk mitigation mechanisms.
Results, discussion and conclusion
For each asset under threats, results are derived quantitatively and quality for attack feasibility estimation, damage impact and risk. With this, we will see the major ECUs and use cases attack entry points, attack feasibility, threat scenarios, damage
scenarios and countermeasures, which could be referred to by automotive security engineers for their concept (item definition, TARA, requirements elicitation and more), design, development, maintenance and decommissioning.