한국정보처리학회:학술대회논문집 (Annual Conference of KIPS)

한국정보처리학회 (Korea Information Processing Society)
권호 표지

자동차 시스템을 위한 HTA 기반 보안에 대한 연구

Analyzing HTA-Based Security for Automotive Systems

  • 카욘도마틴 (서울대학교 전기정보학과) ;
  • 최진명 (서울대학교 전기정보학과 ) ;
  • 백윤흥 (서울대학교 전기정보학과 )
  • Martin Kayondo (Dept. of Electrical and Computer Engineering, Seoul National University and Inter-University Semiconductor Research (ISRC), Seoul National University) ;
  • Jinmyung Choi (Dept. of Electrical and Computer Engineering, Seoul National University and Inter-University Semiconductor Research (ISRC), Seoul National University) ;
  • Yunheung Paek (Dept. of Electrical and Computer Engineering, Seoul National University and Inter-University Semiconductor Research (ISRC), Seoul National University)
  • 발행 : 2024.10.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Recently, automotive security is gerning significant attention due to the gradual surge in cyberattacks on automotive systems experienced by the industry over the past few years. These cyberattacks stem from the widened attack surface especially caused by increased connectivity and architectural complexity in modern automotive systems. Hardware Trust Anchors (HTAs), a known security technology in the cyber space, have been suggested as a candidate means to prevent automotive cyberattacks. In this paper, we analyze the effectiveness of HTAs in preventing automotive cyberattacks, and the current challenges adopting existing HTAs for automotive security. Simultaneously, we shed a light on complementary cyber defenses that may accompany HTAs to further enhance automotive security.

키워드

과제정보

This research was supported by Korea Planning&Evaluation Institute of Industrial Technology(KEIT) grant funded by the Korea Government(MOTIE) (No. RS-2024-00406121, Development of an Automotive Security Vulnerability-based Threat Analysis System(R&D)). This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (RS-2023-00277326). This work was supported by the BK21 FOUR program of the Education and Research Program for Future ICT Pioneers, Seoul National University in 2024. This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) under the artificial intelligence semiconductor support program to nurture the best talents (IITP-2023-RS-2023-00256081) grant funded by the Korea government (MSIT). This work was supported by Inter-University Semiconductor Research Center (ISRC). This work was supported by the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No.RS-2024-00438729, Development of Full Lifecycle Privacy-Preserving Techniques using Anonymized Confidential Computing).

참고문헌

  1. Checkoway, Stephen, et al. "Comprehensive experimental analyses of automotive attack surfaces." 20th USENIX security symposium (USENIX Security 11). 2011.
  2. Plappert, Christian, Andreas Fuchs, and Ronald Heddergott. "Analysis and evaluation of hardware trust anchors in the automotive domain." Proceedings of the 17th International Conference on Availability, Reliability and Security. 2022.
  3. Mishra, Tanmaya, Thidapat Chantem, and Ryan Gerdes. "Teecheck: Securing intra-vehicular communication using trusted execution." Proceedings of the 28th International Conference on Real-Time Networks and Systems. 2020.
  4. Jing, Pengfei, et al. "Revisiting automotive attack surfaces: a practitioners' perspective." 2024 IEEE Symposium on Security and Privacy (SP). IEEE, 2024.
  5. Plappert, Christian, and Andreas Fuchs. "Secure and Lightweight Over-the-Air Software Update Distribution for Connected Vehicles." Proceedings of the 39th Annual Computer Security Applications Conference. 2023.
  6. Plappert, Christian, and Andreas Fuchs. "Secure and Lightweight ECU Attestations for Resilient Over-the-Air Updates in Connected Vehicles." Proceedings of the 39th Annual Computer Security Applications Conference. 2023.
  7. Daniel Teuchert, "Finding Vulnerabilities in the HSM", https://www.code-intelligence.com/webinar/hsmvulnerabilities#access, 09.2024