loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Benjamin Eriksson ; Jonas Groth and Andrei Sabelfeld

Affiliation: Department of Computer Science and Engineering, Chalmers University of Technology, Gothenburg and Sweden

Keyword(s): In-vehicle App Security, API Security, Program Analysis for Security, Infotainment, Information Flow Control, Android Automotive.

Abstract: Digitalization has revolutionized the automotive industry. Modern cars are equipped with powerful Internet-connected infotainment systems, comparable to tablets and smartphones. Recently, several car manufacturers have announced the upcoming possibility to install third-party apps onto these infotainment systems. The prospect of running third-party code on a device that is integrated into a safety critical in-vehicle system raises serious concerns for safety, security, and user privacy. This paper investigates these concerns of in-vehicle apps. We focus on apps for the Android Automotive operating system which several car manufacturers have opted to use. While the architecture inherits much from regular Android, we scrutinize the adequateness of its security mechanisms with respect to the in-vehicle setting, particularly affecting road safety and user privacy. We investigate the attack surface and vulnerabilities for third-party in-vehicle apps. We analyze and suggest enhancements to such traditional Android mechanisms as app permissions and API control. Further, we investigate operating system support and how static and dynamic analysis can aid automatic vetting of in-vehicle apps. We develop AutoTame, a tool for vehicle-specific code analysis. We report on a case study of the countermeasures with a Spotify app using emulators and physical test beds from Volvo Cars. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 13.58.112.1

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Eriksson, B.; Groth, J. and Sabelfeld, A. (2019). On the Road with Third-party Apps: Security Analysis of an In-vehicle App Platform. In Proceedings of the 5th International Conference on Vehicle Technology and Intelligent Transport Systems - VEHITS; ISBN 978-989-758-374-2; ISSN 2184-495X, SciTePress, pages 64-75. DOI: 10.5220/0007678200640075

@conference{vehits19,
author={Benjamin Eriksson. and Jonas Groth. and Andrei Sabelfeld.},
title={On the Road with Third-party Apps: Security Analysis of an In-vehicle App Platform},
booktitle={Proceedings of the 5th International Conference on Vehicle Technology and Intelligent Transport Systems - VEHITS},
year={2019},
pages={64-75},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007678200640075},
isbn={978-989-758-374-2},
issn={2184-495X},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Vehicle Technology and Intelligent Transport Systems - VEHITS
TI - On the Road with Third-party Apps: Security Analysis of an In-vehicle App Platform
SN - 978-989-758-374-2
IS - 2184-495X
AU - Eriksson, B.
AU - Groth, J.
AU - Sabelfeld, A.
PY - 2019
SP - 64
EP - 75
DO - 10.5220/0007678200640075
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic