Journal of the Korea Convergence Society (한국융합학회논문지)

Korea Convergence Society (한국융합학회)
권호 표지
DOI QR코드

DOI QR Code

Threat Issues of Intelligent Transport System in the V2X Convergence Service Envrionment

V2X 융합서비스 환경에서 지능형차량시스템의 위협 이슈

  • Hong, Jin-Keun (Division of Information Communication, Baekseok University)
  • 홍진근 (백석대학교 정보통신학부)
  • Received : 2015.08.25
  • Accepted : 2015.10.20
  • Published : 2015.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

In a V2X convergence service environment, the principal service among infotainment services and driver management services must be supported centering on critical information of the driver, maintenance manager, customer, and anonymous user. Many software applications have considered solutions to be satisfied the specific requirements of driving care programs, and plans. This paper describes data flow diagram of a secure clinic system for driving car diagnosis, which is included in clinic configuration, clinic, clinic page, membership, clinic request processing, driver profile data, clinic membership data, and clinic authentication in the V2X convergence service environment. It is reviewed focusing on security threat issue of ITS diagnostic system such as spoofing, tampering, repudiation, disclosure, denial of service, and privilege out of STRIDE model.

V2X 카 융합서비스 환경에서, 인포테인먼트 서비스와 운전자 관리 서비스 가운데 주요 서비스는 드라이버, 유지보수 관리자, 고객, 익명의 사용자의 중요한 정보를 중심으로 지원되어야 한다. 많은 소프트웨어 어플리케이션들이 운전 관리 프로그램과 계획의 특정 요구조건을 만족하기 위해 솔루션을 고려해오고 있다. 본 논문에서는 V2X 융합서비스 환경에서 클리닉 환경설정, 클리닉, 클리닉 페이지, 맴버십, 클리닉 요청 처리, 운전자 프로파일 데이터, 클리닉 맴버십 데이터 그리고 클리닉 인증을 포함한 운전자용 차량 진단을 위한 안전한 관리 시스템의 Data flow diagram을 설명하였다. STRIDE 모델 가운데 스푸핑, 탬퍼링, 부인방지, 노출, 서비스 거부, 권한 관리와 같은, ITS 진단 시스템의 보안 위협 이슈를 중심으로 고찰하였다.

Keywords

References

  1. Corporate Partnership Board, Automated and Autonomous Driving Regulation under uncertainty, International Transport Forum, 2015.
  2. SAE Standard J3016, 2014.
  3. Bharat Bhushan Konka, "A Case study on Software Testing Methods and Tools - A pre study on software testing requirements of ISO/DIS 26262," MS dissertation, University of Gothenburg. 2011.
  4. Donal Heffernan, Ciaran MacNamee, Padraig Fogarty, "Runtime verification monitoring for automotive embedded systems using the ISO 26262 functional safety standard as a guide for the definition of the monitored properties," IET software, Vol. 8 Issue. 5, pp. 193-203, 2014. https://doi.org/10.1049/iet-sen.2013.0236
  5. Torsten Schutze, "Automotive Security: Cryptography for Car2x communication," Embedded World Conference, 2011.
  6. ETSI TR 102 893, Intellignet Transport Systems (ITS); security, threat, vulnerability and risk analysis (TVRA), 2010.
  7. Olaf Henniger, Ludovic Aprille, Andreas Fuchs, Yves roudier, Alastair Ruddle, Benjamin Weyl, "Security requirements for automotive on board networks," IEEE ITST, 2009.
  8. Karl Koscher, "Security Embedded Systems: Analyses of Modern Automotive systems and enabling Near Real Time Dynamic Analysis," PHD dessertation, University of Washington, 2014.
  9. National Highway Traffic safety Administration, Vehicle Safety Communications - Applications (VSC-A) Final report : Appendix Vol. 3 Security, DOT HS 811 492D, 2011.
  10. Elyes Ben Hamida, Hassan Noura Wassin Znaidi, "Security of Cooperative Intelligent Transport Systems: Standards, Threats Analysis and Cryptographic Countermeasures," Electronics, pp. 380-423, 2015.
  11. Zeadally, s., Hunt R., Chen Y. S., Irwin A., Hassan A., "Vehicular ad hoc networks (VANETS): status, results, and challenges," Telecommun. Syst. Vol. 50, pp. 21-241, 2012.
  12. http://www.syssec-project.eu/m/page-media/3/syssec-d6.2-SecurityOfTheConnectedCar.pdf.
  13. Liting Huang, "Secur and Privacy Preserving Broadcast Authentication for IVC," MS thesis, Distributed and Embedded Security Group, Mathematics and Computer Science, Universiteit Twente, 2012.
  14. Hendrik Schweppe, Yves Roudier, "Security issues in vehicular systems : threats, emerging solutions and standards," SAR-SSI2010, 5th Conference on Network Architectures and Information Systems Security, pp. 18-21, 2010.
  15. Karyn Hodgson, "The internet of security things," Integration & Networking Solutions, Vol. 45, Issue. 9, pp. 54-72, 2015.