Abstract

The complexity of modern vehicle architectures is constantly evolving to meet the ever-growing demand for new functionality, an enhanced user experience, and new business models. The current trend towards more centralized vehicle architectures brings high-performance computers with full-fledged POSIX-based operating systems into a vehicle that was previously dominated by microcontroller-based electronic control units. While this development satisfies the performance demand on a technical level, the growth of connectivity and software complexity in the vehicle rapidly broadens its cyberattack surface. With connectivity features typically consolidated on one component, studies and real-world incidents have revealed that this module has become the primary target of cyberattacks.

This dissertation shows how to bootstrap a secure connected vehicle from a central Trusted Computing-based security provider in the vehicle, while addressing the requirements of current automotive cybersecurity standards and regulations. The security provider is placed at the connectivity module of the vehicle to strengthen this typically physically and remotely exposed controller against advanced remote and hardware side-channel-based cyberattacks and to mitigate lateral movement attacks. It primarily acts as the central policy enforcement point (PEP) and policy decision point (PDP) to implement the overall security policy within the vehicle and towards its environment. The advantages of the solution are showcased by instantiating it for currently challenging security-critical use cases of the automotive industry: remote feature activation, virtual car key, and over-the-air software update. The instantiations detail how the security provider contributes to establishing strong security concepts for managing the advanced functionality of connected vehicles and to mitigating prominent automotive cyberattacks, while recognizing the limitations of heterogeneous vehicle architectures.