Vehicle Information and Management Portal (VIMP)
By Shalaka Satam
Modern vehicles are controlled by complex distributed systems comprising large amount of heterogeneous nodes with rich connectivity provided by internal networks and Internet. With the exponential increase in vehicle intelligence and connectivity, security and privacy have become the main concerns for automotive systems. Researchers have shown that modern vehicles can be attacked from a variety of interfaces access such as USB, and wireless channels. Furthermore, by compromising a single control unit, a capable attacker may gain access to other vehicle units via internal communication buses such as controller area network (CAN), and attack critical subsystems. As CAN gets interconnected with Internet of Things (IoT) resources and services, it becomes easy targets to cyber adversaries, especially since it was never designed to handle cyber threats. It allows adversaries to potentially execute malicious commands on control systems, causing harmful actions (e.g. Disable brake system). Therefore, it is critically important to secure and protect smart vehicle operations against any type of cyber-attacks.
In this project, we are developing trustworthy Vehicle Information and Management Portal (VIMP) services to support smart car applications. The VIMP will make all the components and/or devices within a vehicle universally accessible by visiting the vehicle portal that will be unique for each car or vehicle. The VIMP uses cloud and internet technologies for communication (voice, video), entertainment, monitoring traffic, and emergencies. Furthermore, each VIMP is accessible in a similar way to the ubiquitous access to any internet website. For example, one IoT service allows auto manufacturers to continuously obtain test field data as well as provide on-line capability to update vehicle firmware at any time, and from any place. By connecting cars to VIMP services, we can offer revolutionary new services in entertainment, communication, collaboration, on-line monitoring to increase safety by proactively and reactively warning about the vehicle current dangerous conditions, continuous access to field data, on-line firmware update, just to name a few. In addition, we will show how our ABA methodology can be applied to secure and protect the VIMP services against a wide range of cyber-attacks that target vehicle sensors.