Foreword
Information technology is the driving force behind almost all innovations in the automotive industry, with perhaps 90% of all innovations in cars based on digital electronics and software. Dozens of networked microprocessors and several hundred megabytes of software can be found in a common compact class car, controlling engine and driving functions, assisting the driver and enabling various comfort, infotainment and safety functions. One crucial aspect of digital systems in vehicles is their security. Whereas software safety is a relatively well-established (if not necessarily well-understood) field, the protection of automotive IT systems against malicious manipulations has only recently started to emerge. Even though many European car manufacturers have lately established R&D groups that are dedicated to embedded security in cars, so far there has not been an all-encompassing reference on this topic.
The book by Dr. Marko Wolf fills this gap, and is by far the most comprehensive treatment of IT security in vehicles available today. A particular challenge of automotive IT security is its interdisciplinary nature. Dr. Wolf has done an outstanding job incorporating disjoint areas in one comprehensive treatment. The book ranges from the relevant security technologies to a systematic analysis of security risks all the way to solutions using state-of-the-art security methods.
Despite the fact that much of the material is based on results from the research community, Dr. Wolf succeeded in presenting all aspects in a very clear and accessible manner. I am convinced that the book will become an invaluable reference for designers and developers in the automotive industry, as well as for researchers in academia.
Prof. Dr.-Ing. Christof Paar
Chair for Embedded Security
Ruhr University Bochum
Preface
"I believe in horses. Automobiles are a passing phenomenon." The German Kaiser Wilhelm II (1859-1941) in 1905.
What the Motivation for This Book Is
In spite of the German Emperor's prophecy of doom, automobiles revolutionized our lives long ago. About a hundred years after the invention of the automobile, automotive technology itself is about to experience a revolution: the digital, networked car. Until twenty years ago, automotive vehicles were virtually closed electromechanical systems with only some small isolated non-critical IT applications, whereas today the fully software-driven, digitally networked and interactive vehicle is already in the offing.
Replacing steel and mechanics with information technology consisting of bits and bytes enables highly sophisticated, intelligent, interactive functionality, which could hardly have been realized solely with electromechanical controls. Furthermore, software-driven vehicular functionality improves flexibility as well as technical and economic efficiency considerably. By networking vehicles in such a way that they can wirelessly exchange messages with traffic infrastructures and other vehicles, passive dumb vehicles are changed into interactive intelligent communication nodes. Vehicular communications, for instance, will considerably improve road safety, if vehicles warn each other about local dangers. It would further help to face one of today's largest wastes of resources: the daily traffic jam. By enabling precise interactive real-time traffic control systems, traffic jams could be prevented before they actually set in.
This favorable development of vehicles becoming software-driven digital nodes within a vehicular communication network will, however, inherently introduce many dangers. Even though most vehicular applications are developed to cope with various (random) technical failures (e.g., by verifying checksums or ensuring high redundancy), they almost never consider a human attacker who uses a certain functionality in a syntactically correct way, but in bad faith. Attacks on similarly complex and networked digital IT systems, such as personal computers, handheld devices, or web servers, can already wreak havoc. However, their malicious impacts are usually to some extent "limited" in terms of wasted time, lost sales, or even destroyed documents. The attack potential of malicious encroachments on vehicular IT systems, in contrast, ranges from bogus warning messages, via attacks on traffic IT infrastructures that could cause the collapse of the entire traffic of a city, up to "terrorist attacks" on individual cars. For the latter, even simple encroachments on a real-time IT system that controls two tons of steel at 130 km/h can actually have devastating consequences for the health and lives of the vehicle occupants and other road users.
Despite these alerts, many of today's vehicular IT applications are susceptible to various malicious encroachments and require dependable security measures, and not only to ensure driving safety. The number of potentially endangered vehicular applications is astonishingly large. Even though mainly less critical topics such as antitheft protection or illegal chip tuning still dominate the area of vehicular IT security, many future applications, which have already left the desks of the automotive research departments on their way to series production, can never be realized without strong IT security measures. Dependable security measures are further essential to protect the liability, the revenues, and the expertise of vehicle manufacturers and suppliers, and to meet various newly emerging security requirements (e.g., privacy) of drivers and occupants for several upcoming vehicular business and legacy applications.
The actual subject matter of this work is to prevent a similar scenario of ceaseless security vulnerabilities, as known from the world of personal computers connected to the Internet, in future vehicular IT systems. This is all the more important because in the automotive domain a single successful attack can already suffice to seriously jeopardize the public confidence in a brand, even if the actual endangerment remains marginal [Puc01]. The work you are holding in your hand is actually the first attempt to give a comprehensive and detailed insight into the emerging area of vehicular security engineering.
What This Book Is About
This work gives a comprehensive and detailed insight into the emerging area of vehicular security engineering, which aims to ensure the trustworthiness and dependability of vehicular IT applications. It should help you to understand the specifics whenever designing security critical vehicular applications while providing you with a solid set of general approaches, practical methods, and helpful implementation concepts. Therefore, it can be seen as a textbook as well as a practical guide, which helps you:
- to learn about threats to vehicular IT systems by showing various current and forward-looking exemplary security-critical vehicular applications,
- to understand what causes these threats by analyzing possible attack incentives, attackers, and attack methods,
- to reduce security vulnerabilities and security risks by providing practical methods for designing, implementing, and enforcing security efficiently in the automotive domain.
Thus, this book should, on the one hand, be of interest to automotive engineers and technical managers who want to learn about security technologies, and, on the other hand, to people with a security background who want to learn about security issues in modern automotive applications. In particular, this book can serve as an aid for people who need to make informed decisions about vehicle security solutions, and for people who are interested in research and development in this exciting field.
What This Book Is Not About
This book is not a replacement for reading one of those great security books that cover the topic of IT security in general. Even though this book tries to give a short general introduction into cryptography and IT security, it cannot replace further readings, which can be found for instance in [And01, SB07, Sti95].
This book is not concerned with vehicular IT safety. Even though IT safety and IT security are indeed interleaved fields and sometimes have fuzzy boundaries, this book is only concerned with the protection of vehicular IT systems against malicious encroachments (i.e., IT security) and not with precautions against random technical failures (i.e., IT safety).
This book is further not concerned with IT security of backend IT infrastructures. Protecting offboard servers and networks is a topic of its own, which is covered by general network and system security.
This book is also not a detailed implementation or configuration setup tutorial. This book intends to help you understand the specifics, which have to be taken into account whenever designing security-critical vehicular applications. Since IT security is rather a continuous individually tailored process than a standardized building block, virtually no book can give you a ready-made security solution which you could simply add to the corresponding product.
Finally, this book should not be useful to people trying to compromise vehicular IT applications or to break into vehicular IT systems.
How This Book Is Organized
This book is divided into three parts.
Part I: The Preliminaries. The first chapter gives a short introduction into the problem and helps you to understand and define the matter. It reviews related work in the field of vehicular IT security and provides a short introduction into security and cryptography, which is essential for vehicular security engineering.
Part II: The Threats. First, this part tries to raise awareness of the strong necessity of vehicular IT security by identifying, explaining, and classifying potential threats, potential attacks, and potential attackers for various current and future vehicular IT applications. However, this part also presents the multitude of new possibilities enabled by properly implemented vehicular IT security. This work further describes how to deduce appropriate vehicular security requirements which can properly thwart the security threats identified before. The last chapter of this part indicates the characteristic advantages and constraints which arise when establishing IT security in the automotive domain.
Part III: The Protection. The final part of this work provides a solid set of practical security technologies and security mechanisms that are able to implement the identified security requirements efficiently and dependably in the automotive domain. Before ending with a detailed conclusion, it lastly describes some important organizational security aspects from the vehicular manufacturer's perspective, which have to be considered when establishing vehicular IT security.
Acknowledgments
Many people have helped me to realize this book. I wish to personally thank at least all the people from the Chair for Embedded Security at Ruhr University Bochum, in particular my Ph.D. advisor and highly valued mentor Christof Paar, my current employer escrypt GmbH who enabled me to continue working in my favorite research area in theory and practice, all the people from Vieweg+Teubner Verlag helping me to publish this book, and last but not least all my good friends, my loved family, and especially Ellen.
Marko Wolf