A framework for self-verification of firmwareupdates over the air in vehicle ecus

2008 IEEE Globecom Workshops, GLOBECOM 2008

Volumn , Issue , 2008, Pages

  Nilsson, Dennis K ^a   Sun, Lei ^b   Nakajima, Tatsuo ^b  

^a CHALMERS UNIVERSITY OF TECHNOLOGY   (Sweden)

^b WASEDA UNIVERSITY   (Japan)

Author keywords

[No Author keywords available]

Indexed keywords

FIRMWARE; VEHICLES;

AUTOMOBILE MANUFACTURERS; IN VEHICLES; OVER THE AIRS; VIRTUALIZATION;

VEHICLE TRANSMISSIONS;

EID: 62949201811     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/GLOCOMW.2008.ECP.56     Document Type: Conference Paper

References (28)

1. D. K. Nilsson, U. E. Larson, and E. Jonsson, "Creating a Secure Infrastructurefor Wireless Diagnostics and Software Updates in Vehicles," in Proceedings of the 27th International Conference on Computer Safety, Reliability and Security (SAFECOMP). Springer, 2008, pp. 207-220.
2. S. M. Mahmud, S. Shanker, and I. Hossain, "Secure Software Upload in an Intelligent Vehicle via Wireless Communication Links," in Proceedings of IEEE Intelligent Vehicles Symposium. IEEE, 2005, pp. 587-592.
3. D. K. Nilsson and U. E. Larson, "Secure Firmware Updates over the Air in Intelligent Vehicles," in Proceedings of the First IEEE Vehicular Networking & Applications Workshop (Vehi-Mobi). IEEE, 2008, pp. 380-384.
4. "Simulated Attacks on CAN Buses: Vehicle virus," in Proceedings of the Fifth IASTED Asian Conference on Communication Systems and Networks (ASIACSN). ACTA Press, 2008.
5. D. K. Nilsson, U. E. Larson, F. Picasso, and E. Jonsson, "A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay," in Proceedings of the First International Workshop on Computational Intelligence in Security for Information Systems (CISIS). Springer, 2008.
6. "The L4 micro-Kernel Family," http://os.inf.tu-dresden.de/L4/.
7. K. Elphinstone, G. Heiser, R. Huuck, S. M. Petters, and S. Ruocco, "L4cars," in Embedded Security in Cars (ESCAR), Cologne, Germany,2005.
8. A. Seshadri, A. Perrig, L. van Doorn, and P. K. Khosla, "SWATT: SoftWare-based ATTestation for Embedded Devices," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 2004.
9. A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla, "Using Softwarebased Attestation for Verifying Embedded Systems in Cars," in Embedded Security in Cars (ESCAR), 2004.
10. A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla, "Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems," in SOSP'05: Proceedings of the twentieth ACM symposium on Operating systems principles. NewYork,NY, USA: ACM Press, December 2005, pp. 1-16.
11. A. Seshadri, M. Luk, A. Perrig, L. van Doorn, and P. Khosla, "SCUBA: Secure code update by attestation in sensor networks," in ACM Workshop on Wireless Security (WiSe), September 2006.
12. E. Shi, A. Perrig, and L. Van Doorn, "BIND: A fine-grained attestation service for secure distributed systems," in SP'05: Proceedings of the 2005 IEEE Symposium on Security and Privacy. Washington, DC, USA: IEEE Computer Society, 2005, pp. 154-168.
13. B. Chen and R. Morris, "Certifying Program Execution with Secure Processors," in HOTOS'03: Proceedings of the 9th Conference on Hot Topics in Operating Systems, Berkeley, CA, USA, 2003, p. 23.
14. R. Kennell and L. H. Jamieson, "Establishing the Genuinity of Remote Computer Systems," in SSYM'03: Proceedings of the 12th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 2003, pp. 295-310.
15. T. Park and K. G. Shin, "Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks," Mobile Computing, IEEE Transactions on, vol. 4, no. 3, pp. 297-309, 2005.
16. D. Schellekens, B. Wyseur, and B. Preneel, "Remote Attestation on Legacy Operating Systems With Trusted Platform Modules," Electron. Notes Theor. Comput. Sci., vol. 197, no. 1, pp. 59-72, February 2008.
17. J. A. Garay and L. Huelsbergen, "Software Integrity Protection Using Timed Executable Agents," in ASIACCS'06: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security. New York, NY, USA: ACM, 2006, pp. 189-200.
18. ARM, "TrustZone: Integrated Hardware and Software Security, White Paper," http://www.arm.com/pdfs/TZ Whitepaper.pdf, 2004.
19. ARM and Intel, "ARM Security Solutions and Intel Authenticated Flash, White Paper," http://www.arm.com/pdfs/Intel ARM Security WhitePaper.pdf, 2007.
20. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the Art of Virtualization," in Proceedings of the Nineteenth ACM Symposium on Operating SystemsPrinciples (SOSP), 2003, pp. 164-177.
21. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh, "Terra: A Virtual Machine-Based Platform for Trusted Computing," SIGOPSOper. Syst. Rev., vol. 37, no. 5, pp. 193-206, 2003.
22. S.-M. Lee, S.-B. Suh, B. Jeong, and S. Mo, "A Multi-Layer Mandatory Access Control Mechanism for Mobile Devices Based on Virtualization," in Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE, 2008, pp. 251-256.
23. L. Sun and T. Nakajima, "A Lightweight Kernel Objects Monitoring Infrastructure for Embedded Systems," in The 14th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), Kaohsiung, Taiwan, August 2008, pp. 55-60.
24. A. S. Tanenbaum, J. N. Herder, and H. Bos, "Can We Make Operating Systems Reliable and Secure?" Computer, vol. 39, no. 5, pp. 44-51, May 2006.
25. W. Kanda, Y. Kinebuchi, Y. Yumura, and T. Nakajima, "SPUMONE: LightWeight CPU Virtualization Layer for Embedded Systems," in Proceedings of the 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC), 2008.
26. "SH7780 SuperH RISC Engine Family," http://america.renesas. com/fmwk.jsp?cnt=sh7780 series landing.jsp&fp=/products/mpumcu/ superh family/sh7780 series/.
27. G. Wurster, P. C. van Oorschot, and A. Somayaji, "A Generic Attack on Checksumming-Based Software Tamper Resistance," in Security and Privacy, 2005 IEEE Symposium on, 2005, pp. 127-138.
28. S. Halevi and H. Krawczyk, "Strengthening Digital Signatures via Randomized Hashing," in Proceedings of the 26th Annual InternationalCryptology Conference (CRYPTO), August 2006.