1 |
CrySyS Lab(Laboratory of Cryptography and System Security), "sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks," May. 2012.
|
2 |
Craig Smith, "THE CAR HACKER'S HANDBOOK," http://opengarages.org/handbook/ebook/, Jan. 2016.
|
3 |
Paul Ammann, Jeff Offut, "INTRODUCTION TO SOFTWARE TESTING Edition 2," https://cs.gmu.edu/-offutt/softwaretest/, Dec. 2016.
|
4 |
Charlie Miller, Chris Valasek, "Remote Exploitation of an Unaltered Passenger Vehicle", Black Hat USA 2015, Aug. 2015.
|
5 |
Keen Security Lab of Tencent, "FREE-FALL: TESLA HACKING 2016", Black Hat USA 2016, Aug. 2016.
|
6 |
GENIVI Alliance, https://www.genivi.org/, Mar. 2019.
|
7 |
Martin Klimke, Klaus Scheibert, Axel Freiwald, Bjorn Steurich, "Secure and seamless integration of Software Over The Air (SOTA) update in modern car board net architectures," ESCAR Europe 2015, Nov. 2015.
|
8 |
IHS(Information Handling Services), "Over-the-air Software Updates to Create Boon for Automotive Market," Sep. 2015.
|
9 |
Common Criteria, "CC v3.1 Release 5," https://www.commoncriteriaportal.org/cc/, Jun. 2019.
|
10 |
NIST, "FIPS 140-2 Level 3 Security Policy", https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1275.pdf, Mar. 2014.
|
11 |
Adam Shostack, "Threat Modeling: Designing for Security," https://adam.shostack.org/blog/category/threat-modeling/, Jun. 2019.
|
12 |
Marco Steger, Carlo Boano, Michael Karner, Joachim Hillebrand, Werner Rom, Kay Romer, "SecUp: Secure and Efficient Wireless Software Updates for Vehicles," 2016 Euromicro Conference on Digital System Design, Aug. 2016.
|
13 |
Kirill Nikitin, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Justin Cappos, Bryan Ford, "Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds," USENIX Security 2017, Aug. 2017.
|
14 |
Marco Steger, Ali Dorri, Salil S. Kanhere, Kay Romer, "Secure Wireless Automotive Software Updates using Blockchains," Advanced Microsystems for Automotive Applications 2017, pp 137-149, Jan. 2018.
|
15 |
DistriNet Research Group, "LINDDUN: Privacy Threat Modeling," https://linddun.org/, Jun. 2019.
|
16 |
Trike, http://www.octotrike.org/, Jun. 2019.
|
17 |
GENIVI Infotainment Architecture, https://at.projects.genivi.org/wiki/display/GRK/2_Reference+Architecture+and+Compliance+Specification, Jun. 2018.
|
18 |
MITRE CWE, https://cwe.mitre.org/, Jun. 2019.
|
19 |
Bruce Schneier, "Attack Tree," Dr. Dobb's journal, Aug. 1999.
|
20 |
MITRE CVE, https://cve.mitre.org/, Jun. 2019.
|
21 |
MITRE CAPEC, https://capec.mitre.org/, Jun. 2019.
|
22 |
OWASP, https://www.owasp.org/index.php/OWASP_Embedded_Application_Security, Jun. 2019.
|
23 |
Alex Omar, "The Car Hacker's Handbook A Guide for the Penetration Tester," Feb. 2016.
|
24 |
ITU-T, "Secure software update capability for intelligent transportation system communication devices," Mar. 2017.
|
25 |
Sen Nie, Ling Liu, Yuefeng Du, Wenkai Zhang, "OVER-THE-AIR: HOW WE REMOTELY COMPROMISED THE GATEWAY, BCM, AND AUTOPILOT ECUS OF TESLA CARS", Black Hat 2017, Aug. 2017.
|
26 |
Bjoern M. Luettmann, Adam C. Bender, "Man-in-the-Middle Attacks on Auto-Updating Software", Bell Labs Technical Journal, pp 131-138, May. 2007.
|
27 |
Ang Cui, Michael Costello, Salvatore J. Stolfo, "When Firmware Modifications Attack: A Case Study of Embedded Exploitation," NDSS Symposium 2013, Apr. 2013.
|
28 |
K. Chen, "Reversing and Exploiting an Apple Firmware Update," Black Hat USA 2009, Jul. 2009.
|
29 |
New York University (Laboratory of Secure Systems), "The Update Framework," https://theupdateframework.github.io/, Jun. 2019.
|
30 |
WONDER HOWTO, "How to Hijack Software Updates to Install a Rootkit for Backdoor Access," https://null-byte.wonderhowto.com/how-to/hack-like-pro-hijack-software-updates-install-rootkit-for-backdoor-access-0149225/, , Jun. 2019.
|
31 |
Institute for Defence Studies and Anlayses, "THE PETYA CYBER ATTACK," http://cert-mu.govmu.org/, Jun. 2019.
|