An Overview of Cyber Security for Connected Vehicles

Junko TAKAHASHI  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E101-D   No.11   pp.2561-2575
Publication Date: 2018/11/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2017ICI0001
Type of Manuscript: INVITED PAPER (Special Section on Information and Communication System Security)
Category: 
Keyword: 
automotive security,  cyber security,  connected vehicles,  autonomous driving,  connected services,  in-vehicle protocol,  

Full Text: FreePDF(3.2MB)


Summary: 
The demand for and the scope of connected services have rapidly grown and developed in many industries such as electronic appliances, robotics, and industry automation. In the automotive field, including connected vehicles, different types of connected services have become available and they provide convenience and comfort with users while yielding new business opportunities. With the advent of connected vehicles, the threat of cyber attacks has become a serious issue and protection methods against these attacks are urgently needed to provide safe and secure connected services. From 2017, attack methods have become more sophisticated through different attack surfaces attached to navigation systems and telematics modules, and security requirements to circumvent such attacks have begun to be established. Individual threats have been addressed previously; however, there are few reports that provide an overview of cyber security related to connected vehicles. This paper gives our perspective on cyber security for connected vehicles based on a survey of recent studies related to vehicle security. To introduce these studies, the environment surrounding connected vehicles is classified into three categories: inside the vehicle, communications between the back-end systems and vehicles, and the back-end systems. In each category, this paper introduces recent trends in cyber attacks and the protection requirements that should be developed for connected services. We show that the overall security covering the three categories must be considered because the security of the vehicle is jeopardized even if one item in the categories is not covered. We believe that this paper will further contribute to development of all service systems related to connected vehicles including autonomous vehicles and to the investigation into cyber security against these attacks.