Securing Connected and Automated Vehicle through Proactive Vulnerability Analysis and Security Enhancement
dc.contributor.author | Hu, Shengtuo | |
dc.date.accessioned | 2023-01-30T16:08:58Z | |
dc.date.available | 2023-01-30T16:08:58Z | |
dc.date.issued | 2022 | |
dc.date.submitted | 2022 | |
dc.identifier.uri | https://hdl.handle.net/2027.42/175586 | |
dc.description.abstract | The rapidly evolving Connected and Autonomous Vehicle (CAV) technology brings new security challenges to vehicular systems, because newly introduced communication and system components inevitably increase the attack surface of vehicles and, if abused, lead to potential safety hazards on the road. For example, the emerging Connected Vehicle (CV) technology, which enables vehicles to exchange safety and mobility information wirelessly (e.g., location and speed) with traffic infrastructure and other vehicles, opens a door for spoofing attacks. On the other hand, the development of Autonomous Vehicle (AV) technology increases the data transfer needs of various sensors (e.g., cameras, LiDAR), which stimulates the adoption of Automotive Ethernet, the next-generation in-vehicle network. However, no common standard has been established for the security protocol of the in-vehicle Ethernet network. Therefore, it is highly desirable to systematically understand vulnerabilities in the current CAV systems and the corresponding security/safety consequences to proactively uncover and address these flaws before large-scale deployment. To achieve this goal, in this dissertation, we demonstrate that rigorous techniques, such as formal methods, program analysis, and the trusted execution environment (TEE), can be used for proactive vulnerability discovery and security enhancement in the safety-critical CAV system. At the design level, we leverage formal methods to uncover design flaws and ensure the security guarantee of the proposed defense. To study the emerging CV network interface, we propose a model-checking-based approach, CVAnalyzer, that harnesses the attack discovery capability of the general model checker and the quantitative threat assessment of the probabilistic model checker to automate the analysis. For in-vehicle Ethernet security, we present Gatekeeper, a gateway-based source authentication protocol. Besides the source authentication property, we then verify that Gatekeeper can defend against the spoofing attack and alleviate the impact of the DoS attack. At the implementation level, we employ both static and dynamic program analysis. To defend against the spoofing attack, we build a TEE-based defense system, CVShield, to protect the integrity of the sensor data reading and processing pipeline. To uncover semantic vulnerabilities in the CAV system, we prototype CAVFuzzer, which incorporates a novel object-level mutator and utilizes data-flow feedback to guide the fuzzing process. | |
dc.language.iso | en_US | |
dc.subject | Connected and Autonomous Vehicle (CAV) | |
dc.subject | Connected Vehicle (CV) | |
dc.subject | Autonomous Vehicle (AV) | |
dc.subject | Vulnerability discovery | |
dc.subject | Security enhancement | |
dc.subject | Program analysis | |
dc.title | Securing Connected and Automated Vehicle through Proactive Vulnerability Analysis and Security Enhancement | |
dc.type | Thesis | |
dc.description.thesisdegreename | PhD | en_US |
dc.description.thesisdegreediscipline | Computer Science & Engineering | |
dc.description.thesisdegreegrantor | University of Michigan, Horace H. Rackham School of Graduate Studies | |
dc.contributor.committeemember | Mao, Z Morley | |
dc.contributor.committeemember | Masoud, Neda | |
dc.contributor.committeemember | Kasikci, Baris | |
dc.contributor.committeemember | Prakash, Atul | |
dc.subject.hlbsecondlevel | Computer Science | |
dc.subject.hlbtoplevel | Engineering | |
dc.description.bitstreamurl | http://deepblue.lib.umich.edu/bitstream/2027.42/175586/1/shengtuo_1.pdf | |
dc.identifier.doi | https://dx.doi.org/10.7302/6800 | |
dc.identifier.orcid | 0000-0003-1687-1081 | |
dc.identifier.name-orcid | Hu, Shengtuo; 0000-0003-1687-1081 | en_US |
dc.working.doi | 10.7302/6800 | en |
dc.owningcollname | Dissertations and Theses (Ph.D. and Master's) |