|
A new era is upon
us—an era where Internet connectivity is available everywhere and at all times.
Cars have become very complex computer systems with about 100 million lines of
code and more than 100 electronic control units (ECUs) interconnected to
control everything, including steering, acceleration, brakes, and other
safety-critical systems.
However, cars were
never created with Internet connectivity in mind, and adding this connectivity
as an afterthought raises many security concerns. As a result, a
security-enhancing approach that considers the entire process from product
development to market introduction is required.
This article suggests
using a methodology known as start, predict, mitigate, and test (SPMT). Its
purpose is to predict and mitigate vulnerabilities in vehicles using a
systematic approach for security analysis specifically adapted for vehicles.
The SPMT methodology builds on existing methodologies and models that are
applicable to different phases in a vehicle’s life cycle as well as on new
ideas.
Unlike other methods,
however, the SPMT methodology covers a vehicle’s entire life cycle, which
results in security and safety enhancements, something that cannot be achieved
by existing methodologies.
The Internet of
Things (IoT) has moved society into a new era where a growing number of devices
have Internet capabilities and are behaving more like computers (e.g., smart
TVs and washing machines). Access possibilities are provided via universal
serial bus (USB) sticks, Bluetooth devices, or Wi-Fi/cellular connections.
Modern cars can have
more than 100 ECUs and contain roughly 100 million lines of code. Today, a car
is not just a car—it is a computer on wheels. ECUs are responsible for various
safety functions such as steering and brakes, and new functionality is
constantly being introduced in the automotive industry, which calls for an
increase in the number of ECUs and the amount of code.
As a result, this
increases the likelihood of attacks by hackers. Electrical systems in vehicles
are no longer isolated systems, but, rather, they are vulnerable to
cyberattacks.
Full article: IEEE Vehicular
Technology Magazine, Volume 13, Number 1, March 2018 | 
;){kind=small}
