Bedrohungen durch Scheduling-basierende Angriffsszenarien im Automotive-Bereich

To provide an intuitive experience for the driver, connecting objects and devices (Internet of Things IoT) as well as the digitalization of physical systems (cyber-physical system) are becoming prevalent in the automotive industry. Therefore, actuators, sensors and devices in the car are interconnected with the infotainment system. In recent years, cyber security researchers showed the vulnerabilities of cars for cyber attacks. All these attacks have in common that they can perform only actions which are provided by or implemented in the system, e.g. running the windshield wipers. In this paper we describe a new way of potential attacks based on the scheduling system of a control unit. Due to the ever-increasing amount of control tasks in a vehicle single-core systems are approaching their limits. For this purpose, multi- and many-core systems will be used in future. The scheduling system which distributes the computing time, e.g. for safety and security functions, is a potential target for future cyber attacks. These type of attacks can affect the real-time behaviour of a system and thereby delay or block the signal to trigger the airbag or the vehicle‘s brakes. In this paper, scheduling-based attack scenarios and their general operation are discussed.

Report