Summary
This body of research focues on various aspects of CAV secuirty. Below are some details:
(1) Secure intra-vehicluar communication: In connected-vehicles (CV), communication over a secure gateway ensures that the in-vehicle communication takes place with no intervention or malicious activity. Gateway is a part of the CV that covers intricate functions for the vehicle’s working and thus being susceptible to the outside attack endangers the entire connected vehicle. In this study we have designed end to end security for the safety of the communication between vehicle’s numerous HW/SW components and ECUs. Additionally, we proposed gateway-centric security methods to address the potential security attacks.
(2) Securing external Interfaces in CV systems: This study focuses on the security of the external interfaces in connected vehicles (CV). In this work, we review the security solutions proposed in the current literature and identifies the limitations in the methodology used in securing external communication. The objective of this work is to develop a security framework that will provide secured communication between the CV and the outside/external entities by designing an in-vehicle central unit capable of securing all in-vehicle external communication APIs.
(3) A multi-level context based data privacy risks classification in Connected Vehicles: Connectivity is growing worldwide and there is no exception to its extension to the automobiles. The information produced by telematics and vehicle infotainment systems possess high risks in revealing personal lifestyles, habits, and preferences of an individual. In the era of connected vehicles, this driving data would be easily shared with advertisers, insurance companies, local and municipal government, and law enforcement for a plethora of reasons. Therefore, there is a need to identify the privacy risks. To address the above, we came up with a Privacy metric classification tree in Connected vehicles that is expected to assist the researchers to identify all possible privacy related data items in various CV contexts. This study provides an insight into each of the privacy metrics in our privacy classification tree with necessary technical details along with relevant examples.
(4) Firewall Security in Connected Vehicle: Modern vehicles are inter-connected to their complex distributed network of connected hardware and software systems, and also connected to the outside world through communication interfaces to provide full automation and connectivity. Therefore, protecting the vehicles’ various controlling and operating units against malware attacks has become a major concern for the connected vehicle (CV) as both internal and external connectivity opens the door for the attackers. Network firewall based approaches are widely used in the literature to provide security measures against the various malware threats both for the internal and external interfaces in the CV. This study addresses the research gap in the current literature and proposes an ECU based gateway security architecture. (5) Secure update using Iris scan authentication and symmetric key encryption in connected vehicles: The automated vehicles can connect to the external network with the help of wireless interface and intensify the customer satisfaction with brand new characteristics and services. These connections with the networks may lead to the attacks by the hacker in the computer’s system. So, it is necessary to update the system regularly, improving the security of the system. The introduction to the Over the Air (OTA) updates in the automobile industry has given many advantages to the Original Equipment Manufacturer (OEM) and customers too. Many companies are developing and working on efficient ways on the OTA updates. This study proposes a novel method to provide a secure update over the air.