Peer Reviewed

Cyber Security in the Connected Vehicle Environment

Connected vehicles communicate wirelessly with each other and with the road infrastructure and this presents new opportunities for hacking attacks. These attacks may attempt to prevent, intercept or manipulate information which can potentially compromise single or multiple vehicles and aspects of the road infrastructure. Building on risk and safety considerations, cyber security in the connected vehicle environment is presented and then a security risk analysis approach, including a categorisation of connected vehicle vulnerabilities, is presented. Key industry trends are identified, including the integration of mobile phones and apps with vehicle systems. A number of developing cyber security standards and initiatives to improve security, including public key infrastructure, is also identified. A number of short case studies demonstrate connected vehicle vulnerabilities.

Go to the profile of Alan Stevens
Nov 28, 2016

Please sign in or register for FREE

Register to E&T Cyber Security Hub

E&T Cyber Security Hub brings together engineers and cyber security specialists to share practical know-how. With content created ‘by engineers, for engineers,’ it provides peer-reviewed technical information, real-world insights, lessons learnt and case studies, as well as tools for networking and knowledge-sharing, profiles of experts and the opportunity for companies to showcase their expertise.



Go to the profile of Graham Turner
Graham Turner over 1 year ago

Some of the lessons that have been painfully learned in the pay TV technology industry are likely to be applicable in the transport context. These include the fact that any security based on fixed, common secret keys (e.g. DVD and BluRay disks, HDCP for HDMI) will soon be comprehensively broken, and that reliance on standard off-the-shelf 'secure' processors is likely to prove highly disappointing. The techniques that have proved most effective in protecting media content have included semi or full custom secure devices and frequent update of unique and shared keys coupled with a system design that includes recovery from compromise as one of its core concepts.