Books
Automotive security books written by Dennis
While increased connectivity and advanced software-based automotive systems provide tremendous benefits and improved user experiences, they also make the modern vehicle highly susceptible to cybersecurity attacks. In response, the automotive industry is investing heavily in establishing cybersecurity engineering processes.
Building Secure Cars: Assuring the Automotive Software Development Lifecycle
Explores how the automotive industry can address the increased risks of cyberattacks and incorporate security into the software development lifecycle
Written by a seasoned automotive expert with abundant international industry expertise, Building Secure Cars: Assuring the Software Development Lifecycle introduces readers to various types of cybersecurity activities, measures, and solutions that can be applied at each stage in the typical automotive development process.
This book aims to assist auto industry insiders build more secure cars by incorporating key security measures into their software development lifecycle. Readers will learn to better understand common problems and pitfalls in the development process that lead to security vulnerabilities. To overcome such challenges, this book details how to apply and optimize various automated solutions, which allow software development and test teams to identify and fix vulnerabilities in their products quickly and efficiently. This book balances technical solutions with automotive technologies, making implementation practical. Building Secure Cars is:
- One of the first books to explain how the automotive industry can address the increased risks of cyberattacks, and how to incorporate security into the software development lifecycle
- An optimal resource to help improve software security with relevant organizational workflows and technical solutions
- A complete guide that covers introductory information to more advanced and practical topics
- Written by an established professional working at the heart of the automotive industry
- Fully illustrated with tables and visuals, plus real-life problems and suggested solutions to enhance the learning experience
and available at many other locations…
How to Secure the Connected Car
Dennis’ Doctoral Thesis, 2009, Chalmers University of Technology, Sweden
In recent years, information technology has entered the automobile domain. Most of the functionality in a car is now controlled by electronics and software. There is a trend among automobile manufacturers to perform administrative procedures such as diagnostics and firmware updates over a wireless communication channel and to provide various services that allow hand-held devices such as cell phones and PDAs to interact with the vehicle. Thus emerges the notion of the connected car. As external wireless communication is allowed to interact with the vehicle, a number of security risks are introduced. Achieving proper authentication and secure communication thus becomes a critical issue. The vehicle domain has traditionally only dealt with safety concerns; however, the security risks create a need to consider an intelligent attacker and appropriate security solutions in this domain.
This thesis focuses on how to secure the connected car. A defense-in-depth perspective is employed to do this by means of different approaches. Various measures for prevention including authentication and integrity principles for vehicle-to-infrastructure and device-to-vehicle communication are applied. In addition, measures for prevention, detection and deflection of attacks targeting the in-vehicle network are developed. After an attack has occurred, forensics is performed to reconstruct the event and aid in locating the cyber criminals responsible. Achieving a proper level of security in the car is a challenge, given the environment, the usage scenarios and the safety concerns. Thus, while security solutions must be adapted to support the specific characteristics of the connected car, applying only one security solution for a safety-critical system such as a car may not be sufficient. Several protection mechanisms based on different approaches should be incorporated to secure the connected car and to ensure the safety of its driver and passengers.