文件名称:
An In-Depth Analysis of the Security of the Connected Repair Shop
开发工具:
文件大小: 941kb
下载次数: 0
上传时间: 2018-08-14
详细说明: In this paper, we present a security analysis of delivering diagnostics services to the connected car in future connected repair shops. The repair shop will mainly provide two services; vehicle diagnostics and software download. We analyse the security within the repair shop by applying a reduced version of the threat, vulnerability, and risk analysis (TVRA) method defined by ETSI. First, a system description of the repair shop is given. Security objectives and assets are then identified, followed by the threat and vulnerability analysis. Possible countermeasures are derived and we outline and discuss one possible approach for addressing the security in the repair shop. We find that many of the identified vulnerabilities can directly be mitigated by countermeasures and, to our surprise, we find that the handling of authentication keys is critical and may affect vehicles outside the repair shop as well. Furthermore, we conclude that the TVRA method was not easy to follow, but still useful in this analysis. Finally, we suggest that repair shop security should mainly be addressed at the link layer. Such an approach may integrate network authentication mechanisms during address allocation and also support encryption of data for all upper layer protocols with minimal modifications. ...展开收缩
(系统自动生成,下载前可以参看下载内容)
下载文件列表
相关说明
- 本站资源为会员上传分享交流与学习,如有侵犯您的权益,请联系我们删除.
- 本站是交换下载平台,提供交流渠道,下载内容来自于网络,除下载问题外,其它问题请自行百度。
- 本站已设置防盗链,请勿用迅雷、QQ旋风等多线程下载软件下载资源,下载后用WinRAR最新版进行解压.
- 如果您发现内容无法下载,请稍后再次尝试;或者到消费记录里找到下载记录反馈给我们.
- 下载后发现下载的内容跟说明不相乎,请到消费记录里找到下载记录反馈给我们,经确认后退回积分.
- 如下载前有疑问,可以通过点击"提供者"的名字,查看对方的联系方式,联系对方咨询.
