Authors: Constantinos Patsakis, Kleanthis Dellios, Jose Maria De Fuentes, Fran Casino, Agusti Solanas.
Publication date: 2019/9/13
Journal: Journal of Hardware and Systems Security
- Description: As the vehicles are gradually transformed into the connected-vehicles, standard features of the past (i.e. immobilizer, keyless entry, self-diagnostics) were neglected to be software updated and hardware upgraded so they do not “align” with the cyber-security demands of the new ICT era (IoT, Indus- try 4.0, IPv6, sensor technology) we have stepped into, therefore introducing critical legacy IT security issues. Stepping beyond the era of common auto- theft and “chop-shops”, the new wave of attackers have cyber-skills to exploit these vulnerabilities and steal the vehicle or manipulate it. Recent evolution in ICT offered automotive industry vital tools for vehicle safety, functionality and up to 2010, theft prevention. However, the same technologies are the ones that make vehicles prone to cyber-attacks. To counter such attacks, this work proposes a unified solution that logs all hardware profile changes of a vehi- cle in a blockchain, to manage control and allow only authenticated changes, subject to user, time, geospatial and contextual constraints exploiting several blockchain features. Testing of the proposed solution omens the prevention of numerous commons attacks, while additionally provides forensics capabilities and significantly enhancing the security architecture of the vehicle (respecting the original IT architectural design of automotive manufacturers).