Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.792680
Title: Security and privacy aspects of automotive systems
Author: Mansor, Hafizah
ISNI: 0000 0004 8499 5921
Awarding Body: Royal Holloway, University of London
Current Institution: Royal Holloway, University of London
Date of Award: 2017
Abstract:
Connected cars have Internet access and connectivity to supporting infrastructures and other vehicles. This enables them to take advantage of smart applications (such as crash alert and real-time location) that can be used in different phases of the car's life cycle. Automotive systems consist of a number of subsystems and networks that operate a car. In this thesis, we analyse the security and privacy aspects of automotive systems in connected cars. The analysis is performed through selected vehicular applications: the vehicular firmware update, forensics and maintenance logging systems. The applications are selected to cover various aspects of security during the different phases of the car's life cycle. For each vehicular application, the process, challenges and requirements are considered. Our analysis of the security and privacy requirements of the automotive systems provides valuable insights into the overall reliability and safety of connected cars. Firstly, we looked into the firmware update application for vehicular systems as this is crucial in ensuring the safety and reliability of the car. One of the main industrial projects, the E-safety Vehicle Intrusion Protected Applications (EVITA) project, has proposed a firmware update over-the-air protocol. We found some shortcomings in the operations of this protocol and proposed an improvement, EVITA+, which provides additional assurance by considering both security and general requirements to ensure a successful update. Secondly, we propose a firmware update protocol using a mobile device, with a mechanism that protects the intellectual property of the firmware and ensures reliability during updates. Thirdly, in the forensics application, the main consideration of the protocol is to protect data privacy while giving access to the car owner. Finally, in the maintenance logging application, we give data access to the car owner, while ensuring authenticity.
The exploitation of mobile devices in the proposed applications provides user flexibility as well as privacy protection, and differentiates our solutions from current industrial implementations. The proposed protocols are analysed using automated formal analysis tools, i.e. CasperFDR and Scyther, and implemented to prove feasibility and determine performance.
Supervisor: Not available
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.792680
DOI: Not available
Keywords: automotive security; CAN bus; firmware updates; vehicle forensics; vehicle maintenance services