Penetration Testing of an In-Vehicle Infotainment System / Penetrationstestning av ett Infotainmentsystem i Fordon

Andersson, Philip

January 2022

With the growing demand for smart and luxurious vehicles, the automotive industry has moved toward developing technologies to enhance the in-vehicle user experience. As a result, most vehicles today have a so-called In-Vehicle Infotainment (IVI) system, or simply an infotainment system, which provides a combination of information and entertainment in one system. IVI systems are used to control, for instance, the audio, navigation, and air conditioning in vehicles. Increasingly more IVI systems are also connected to the internet which has enabled features such as web browsers and third-party apps on them. This raises questions concerning the cybersecurity of IVI systems. As more vehicles are connected to the internet, it increases the risk of vehicles getting hacked. Previous research has shown that it is possible to take control of an entire vehicle by hacking the IVI system. In this thesis, penetration testing was conducted on an IVI system included on a rig from Volvo Cars to find potential vulnerabilities in the system. To the best of the author’s knowledge, this is the first paper describing penetration tests performed on a greater attack surface of the Android Automotive operating system used by the IVI system than previous research which only focused on the attack surface of third-party apps. Moreover, threat modeling was performed by employing the threat analysis and risk assessment part of the ISO/SAE 21434: Road vehicles — Cybersecurity engineering. This has not yet been done in the research area of security of IVI systems as far as the author knows. The results from the various penetration tests show that no major vulnerabilities were discovered in the IVI system. However, several findings were made in the thesis where the main one was that multiple content providers, managing access to storage (e.g., relational databases) in Android, were found to be exported by Android apps on the IVI system, and that some of these were vulnerable to SQL injection. This vulnerability of some of the content providers was exploited but did not lead to any collection of private information. For future work, penetration testing of the cellular interface of the IVI system is suggested. / Med en ökad efterfrågan för smarta och lyxiga fordon så har fordonsindustrin behövt utveckla teknologier som förbättrar användarupplevelsen i fordon. Ett resultat av detta är att de flesta fordon idag har ett så kallat infotainmentsystem vilket kombinerar information och underhållning i ett system. Infotainmentsystem används till exempel för att styra ljudet, navigationen och luftkonditioneringen i fordon. Fler infotainmentsystem börjar också bli uppkopplade mot internet som möjliggör för användare att surfa på internet och ladda ner tredjepartsappar. Detta väcker frågor beträffande cybersäkerheten hos dessa. I takt med att fler fordon blir uppkopplade mot internet så ökar det risken för att fordon blir hackade. Tidigare forskning har visat att det är möjligt att ta kontroll över ett helt fordon genom att hacka infotainmentsystemet. I detta examensarbete har penetrationstestning utförts på ett infotainmentsystem som var inkluderad på en rigg från Volvo Personvagnar för att hitta potentiella säkerhetsbrister i infotainmentsystemet. Till författarens bästa vetskap är denna rapport den första som beskriver om penetrationstester utförda på en större attackyta av operativsystemet Android Automotive som används av infotainmentsystemet än tidigare forskning som bara har fokuserat på tredjepartsappar som attackyta. Hotmodellering har också utförts i examensarbetet enligt ett avsnitt kallad hotanalys och riskbedömning i ISO/SAE 21434: Vägfordon — Process och metod för cybersäkerhet. Detta har ännu inte gjorts inom forskningsområdet säkerhet för infotainmentsystem så vitt författaren känner till. Resultaten från de olika penetrationstesterna visar att inga allvarliga säkerhetsbrister hittades i infotainmentsystemet. Dock gjordes flera upptäckter under examensarbetet där den mest väsentliga var att ett flertal innehållsleverantörer, som hanterar åtkomst till lagring (t.ex. relationsdatabaser) i Android, var exporterade från Android appar på infotainmentsystemet, och att några av dem var sårbara till SQL-injektioner. Denna sårbarhet hos vissa innehållsleverantörer utnyttjades men ledde inte till någon insamling av privat information. Ett förslag för framtida arbeten är att utföra penetrationstestning på det mobila gränssnittet hos infotainmentsystemet.

Cybersecurity

Penetration testing

In-Vehicle Infotainment system

Android Automotive

ISO/SAE 21434

Cybersäkerhet

Penetrationstestning

Infotainmentsystem i fordon

Android Automotive

ISO/SAE 21434

Computer Sciences

Datavetenskap (datalogi)

An Ontology and Guidelines for Cybersecurity Risk Assessment in the Automotive Domain

Khalil, Karim

January 2023

This study aims to propose a knowledge base ontology for the ISO/SAE 21434 cybersecurity risk assessment activities in the automotive domain. The focus of the paper is to model how the standard views the tasks of Threat Analysis and Risk Assessment (TARA) and cybersecurity concept. The model is supported by practical knowledge gained from a design science activity at a major organization for supplying automotive solutions and components. The scope is limited to matters of methodology in systems security assessment. The meta-model shows concepts, relationships, and axioms describing the different activities, stakeholders, and inter-dependencies. Based on the model knowledge, an integrated approach of TARA guideline is created, describing the steps of each of the activities in which it has been adapted by the organization participating in an applied study. Additionally, to increase the efficiency of the human resources involved in the creation of the security artifacts, a proposal to utilize the model relationships and the guideline to automate recurring TARA tasks. Lessons learned from the applied study are presented. The study has adapted an evaluation strategy based on technical evaluation and user evaluation. The guideline was evaluated through gathering expert’s opinions in a qualitative approach. The ontology meta-model has been qualified for consistency through technical evaluation.

ISO/SAE 21434

Threat Analysis and Risk Assessment

Ontology

Cybersecurity Concept

Information Systems