Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Study on Vulnerabilities in Connected Cars
KTH, School of Electrical Engineering and Computer Science (EECS).
2019 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesisAlternative title
En studie av sårbarheter i uppkopplade personbilar (Swedish)
Abstract [en]

This report researches the state of cyber security in connected cars. Specifically, common vulnerabilities and trends related to security issues in connected passenger cars are identified.

The study is conducted through a systematic review of publicly reported vulnerabilities and incidents related to computer systems in connected cars. Some of the largest manufacturers in the automotive industry are researched along with common automotive suppliers. In addition, systems and devices used in connected cars are identified to further extend the reach of the study.

The scope of this thesis is limited to publicly available material from two types of sources. The first source is the repository of cyber security company Upstream, which monitors automotive incidents in real-time. The second source is the National Vulnerability Database, NVD.

The most common types of vulnerabilities linked to connected cars were found to be predominantly related to remote keyless systems (RKS), mobile applications, infotainment systems and the OBD port. A vast majority of the found vulnerabilities were remotely exploitable.The most common weakness was related to failure or lack of protection mechanisms.

Abstract [sv]

Denna rapport undersöker cybersäkerheten i uppkopplade bilar. Studien identifierar vanliga sårbarheter och trender relaterade till säkerhetsproblem i uppkopplade personbilar.

Studien utförs genom en systematisk granskning av offentligt rapporterade sårbarheter och incidenter relaterade till system i uppkopplade bilar. Några av de största tillverkarna inom bilindustrin granskas samt underleverantörer till dessa. Dessutom identifieras system och enheter som används i uppkopplade bilar för att ytterligare utöka studiens räckvidd.

Omfattningen av denna rapport är begränsad till offentligt tillgängligt material från två typer av källor. Den första källan tillhör cybersäkerhetsföretaget Upstream och består av en sammanställning av incidenter relaterade till cybersäkerhet i bilindustrin som uppdateras i realtid. Den andra källan är National vulnerability database (NVD) och är en amerikansk databas över sårbarheter.

De vanligaste typerna av sårbarheter för uppkopplade bilar visade sig vara relaterade till nyckellösa låssystem, mobilapplikationer, infotainment-system och OBD-porten. En stor majoritet av de funna sårbarheterna kunde exploateras via trådlösa uppkopplingar. Den mest förekommande svagheten var relate-rad till bristande skyddsmekanismer.

Place, publisher, year, edition, pages
2019. , p. 35
Series
TRITA-EECS-EX ; 2019:396
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-259361OAI: oai:DiVA.org:kth-259361DiVA, id: diva2:1351157
Supervisors
Examiners
Available from: 2019-11-15 Created: 2019-09-13 Last updated: 2019-11-15Bibliographically approved

Open Access in DiVA

fulltext(1092 kB)14 downloads
File information
File name FULLTEXT01.pdfFile size 1092 kBChecksum SHA-512
a2c23f7081f65726b9bf0d665832bb54a6553f1c15402ee120a5b11e9d052bbb87d37ba694f8036be110885025f6213961bec8c2c56ec0b4575d57e6bc20d3f9
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering and Computer Science (EECS)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 14 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 26 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf