, Security and privacy for in-vehicle networks, 2012 IEEE 1st International Workshop on Vehicular Communications, Sensing, and Computing (VCSC), 2012.
DOI : 10.1109/VCSC.2012.6281235
, Securing car2X applications with effective hardware-software co-design for vehicular on-board networks, 27 th VDI Conference on Automotive Security, pp.45-57, 2011.
, Car2X communication: Securing the last meter, WIVEC 2011, 4 th IEEE International Symposium on Wireless Vehicular Communications, pp.5-6, 2011.
, Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates, Nets4Cars, 3 rd International Workshop on Communication Technologies for Vehicles appeared in Springer LNCS 6596, pp.22-24, 2011.
DOI : 10.1007/978-3-642-19786-4_20
, Secure automotive on-board electronics network architecture, FISITA 2010, 32 nd World Automotive Congress, p.30
, Flexible On-Board Stream Processing for Automotive Sensor Data, IEEE Transactions on Industrial Informatics, vol.6, issue.1, pp.81-92, 1109.
DOI : 10.1109/TII.2009.2037145
, Securing Car2X Applications with effective Hardware- Software Co-Design for Vehicular On-Board Networks " , invited talk at Volkswagen AutoUni, 2011.
, The EVITA project " , Posters and Vehicle Demonstrator at 5 th Car2Car CC Forum, pp.24-25, 2011.
, Secure on-board protocols " , Presentation at Final EVITA Workshop on Security of Automotive On-Board Networks, 2011.
, The EVITA project: securing the networked vehicle " , invited Keynote Presentation at 9 th escar conference on embedded security in cars (escar), pp.9-10, 2011.
, EVITA: Secure On-Board Protocols, Press Workshop, Posters and Vehicle Demonstrator, 2011.
, A formal methodology applied to secure over-the-air automotive applications, VTC-Fall2011, IEEE 74 th Vehicular Technology Conference -VTC Fall 2011, pp.5-8, 2011.
, Security Requirements for Intersection Collision Warning " , Workshop Presentation at 4 th Car2Car CC Forum, 2010.
, The EVITA project, an overview " , Poster at 4 th Car2Car CC Forum, 2010.
, Secure on-board protocols " , CAST-Workshop on Mobile Security for Intelligent Cars, Presentation and Short Paper, 2010.
, Security issues in vehicular systems: threats emerging solutions and standards, th Conference Conference on Security in Network Architectures and Information Systems, State of the Art Presentation and Short Paper, pp.18-21, 2010.
, Guest lecture as part of Y. Roudier's course " Distributed Systems and Middleware, 2012.
, Student semester project Distributed and Embedded Intrusion Detection for Automotive Systems, 2009.
, Student semester project Security Middleware for Automotive Embedded Systems, 2010.
, Student semester project Simulating In-Vehicular Networking on the CAN bus co-supervised with Jérôme Härri. Security and Privacy in Automotive On-Board Networks Bibliography [AEKH + 10] Ludovic Apvrille, Secure automotive on-board electronics network architecture , FISITA'10, World Automotive Congress, p.2010, 2010.
, A UML-based environment for system design space exploration, ICECS '06, 13th IEEE International Conference on Electronics, Circuits and Systems, pp.1272-1275, 2006.
, Why information security is hard -an economic perspective, Seventeenth Annual Computer Security Applications Conference, IEEE, vol.138, pp.358-365, 2002.
, Abstraction-Carrying Code: a Model for Mobile Code Safety, New Generation Computing, vol.21, issue.3, pp.171-204, 2008.
DOI : 10.1007/s00354-008-0039-7
, Specification of crypto abstraction library v1.2.0 r4.0 rev. 3 , online, pp.2011-2029
, Hijacking RDS-TMC traffic information signals, The Phrack Magazine, 2007.
, Safety and security related features in AUTOSAR, Automotive -Safety & Security, pp.134-135, 2010.
, Dynamic Analysis of Malicious Code, Journal in Computer Virology, vol.2, issue.1, pp.67-77, 2006.
DOI : 10.1007/s11416-006-0012-2
, Ethernet for Automotive Applications, Freescale Technology Forum, vol.115, issue.159, pp.1-20, 2010.
, simTD Security Architecture: Deployment of a Security and Privacy Architecture in Field Operational Tests, 7th ESCAR Embedded Security in Cars Conference, p.15, 2009.
, Towards Practical Avoidance of Information Leakage in Enterprise Networks, p.2011
, Principles of remote attestation, 10th International Conference on Information and Communications Security, pp.63-81, 2011.
DOI : 10.1007/s10207-011-0124-7
, Information Flow for Secure Distributed Applications, pp.28-94, 2009.
, Johan Eker, and Karl-erikÅerikÅ rzén, Analysis and Simulation of Timing, IEEE Control Systems Magazine, pp.16-30, 2003.
, A quantitative study of accuracy in system call-based malware detection categories and subject descriptors, Proceedings of the 2012 International Symposium on Software Testing and Analysis (ACM ISSTA 2012), 2012.
, Dytan, Proceedings of the 2007 international symposium on Software testing and analysis, ISSTA '07, pp.196-206, 2007.
DOI : 10.1145/1273463.1273490
, Comprehensive experimental analyses of automotive attack surfaces, Proceedings of the 20th USENIX conference on Security, pp.43-75, 2011.
, Achieving confidentiality security service for can, Proceedings of the 15th International Conference on Electronics CONIELECOMP '05, pp.166-170, 2005.
, Cipher modes of operation; the cmac mode for authentication., NIST Special Publication 800-38b. National Institute of Standards and Technology (NIST), 2005.
, 2-12 Security and Firewall concepts for gateways, p.14, 2006.
, Taint- Droid: An information-flow tracking system for realtime pri- Security and Privacy in Automotive On-Board Networks 200 BIBLIOGRAPHY vacy monitoring on smartphones, Operating Systems Design and Implementation, pp.24-29, 2010.
, PiOS: Detecting privacy leaks in iOS applications The Internet Society, Network and Distributed System Security Symposium (NDSS), 2011.
, On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme, 2008.
DOI : 10.1007/978-3-540-85174-5_12
, Towards practical taint tracking, p.84, 2010.
, Ten risks of PKI: What you're not being told about public key infrastructure, Computer Security Journal, vol.16, issue.1, pp.1-7, 2000.
, A survey on automated dynamic malware-analysis techniques and tools, ACM Computing Surveys, vol.44, issue.2, pp.1-6, 2008.
DOI : 10.1145/2089125.2089126
, Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars, 18th Annual Network & Distributed System Security Symposium, Cryptology ePrint Archive, 2010.
, Fleetnet: Bringing car-to-car communication into the real world, Proceedings of 11th World Congress on ITS, pp.14-129, 2004.
, Defending embedded systems against control flow attacks, Proceedings of the first ACM workshop on Secure execution of untrusted code, SecuCode '09, pp.19-26, 2009.
, G5A Automotive Security ? Lastanforderung an die Kryptoeinheit, VDI 27. Gemeinschaftstagung on Automotive Security, pp.71-80, 2011.
, A Group Signature Based Secure and Privacy-Preserving Vehicular Communication Framework, 2007 Mobile Networking for Vehicular Environments, pp.103-108, 2007.
DOI : 10.1109/MOVE.2007.4300813
, Security architecture for vehicular communication, Fourth International Workshop on Intelligent Transportation (WIT2007), pp.73-125, 2007.
, Scalable dynamic information flow tracking and its applications, Parallel and Distributed Processing, IEEE International Symposium on, pp.14-18, 2008.
, SEIS -security in embedded ip-based systems, ATZ elektronik worldwide 1, pp.36-115, 2010.
, Thomas Wollinger, and Frank Zweers, OVERSEE a secure and open communication and runtime platform for innovative automotive applications , 7th ESCAR Embedded Security in Cars Conference, GHR + 09] André Groll, p.15, 2009.
, Computer security, Wiley Interdisciplinary Reviews: Computational Statistics, vol.3, issue.5, pp.544-554, 2010.
DOI : 10.1002/wics.106
URL : https://hal.archives-ouvertes.fr/hal-00587185
, Secure and authentic communication on existing in-vehicle networks, Intelligent Vehicles Symposium, IEEE, vol.73, issue.133, pp.1093-1097, 2009.
, Programmierschnittstellen für eingebettete Netzwerke in Mehrbenutzerbetriebssystemen am Beispiel des Controller Area Network, p.238, 2011.
, Intrusion detection using sequences of system calls, Journal of Computer Security, vol.6, issue.3, pp.151-180, 1998.
DOI : 10.3233/JCS-980109
, Operating systems technology for converged ECUs, 6th Embedded Security in Cars Conference (escar), 2008.
, Smartphone Weather App Builds A Mobile Botnet, Dark Reading, 2010.
, She: Secure hardware extension version 1, 2009.
, Adaptive Dynamic Reaction to Automotive IT Security Incidents Using Multimedia Car Environment, 2008 The Fourth International Conference on Information Assurance and Security, pp.295-298, 2008.
DOI : 10.1109/IAS.2008.45
, Strong VANET Security on a Shoestring, escar, pp.1-9, 2006.
, Backward Compatible Broadcast Authentication Protocol for CAN bus, escar 2011, embedded security in cars, pp.15-74, 2011.
, (E) ? Road vehicles ? Diagnostic systems ? Keyword Protocol, TC International Organization for Standardization, vol.22, issue.3, p.2000, 2000.
, Secure Automotive On-Board Protocols: A Case of Over-the-Air Firmware Updates, Nets4Cars-2011 3rd International Workshop on Communication Technologies for Vehicles (Nets4Cars-2011) (Oberpfaffenhofen- Wessling, p.2011
DOI : 10.1007/978-3-642-19786-4_20
, Fault-tolerant drive-bywire systems, Control Systems Magazine, IEEE, vol.22, issue.128, pp.64-81, 2002.
, VW opener and alarm deactivator , Multipick- Service tool 70470, manual online at www.multipick.com, 2012, p.79
, EMI Challenge to Ethernet in the Car, EE Times Europe, vol.13, issue.159, pp.1-6, 2010.
, Fast Simulation Techniques for Design Space Exploration, 47th International Conference Objects, pp.308-327, 2009.
DOI : 10.1109/TC.2006.16
, Herausforderung Sicheres Bordnetz (secunet AG and Elektrobit Automotive GmbH, VDI 27. Gemeinschaftstagung on Automotive Security, pp.59-70, 2011.
, Secure execution via program shepherding, USENIX Security Symposium (Dan Boneh USENIX, pp.191-206, 2002.
, Experimental Security Analysis of a Modern Automobile, 2010 IEEE Symposium on Security and Privacy, pp.72-75, 2010.
DOI : 10.1109/SP.2010.34
, Decoupling Dynamic Information Flow Tracking with a dedicated coprocessor, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, pp.105-114, 2009.
DOI : 10.1109/DSN.2009.5270347
, Specification and evaluation of e-security relevant use cases, p.48, 2009.
, Design principles for tamper-resistant smartcard processors, pp.9-20, 1999.
, Behavior-based Spyware Detection, Proceedings of the 15th USENIX Security Symposium, 2006.
, Capturing information flow with concatenated dynamic taint analysis, ARES, IEEE Computer Society, pp.355-362, 2009.
, Security aspects of the in-vehicle network in the connected car, 2011 IEEE Intelligent Vehicles Symposium (IV), pp.528-533, 2011.
DOI : 10.1109/IVS.2011.5940525
, The ITS App Store, ITS International, Intertraffic Amsterdam (Amsterdam), Dailynews, pp.39-41, 2010.
, Secure vehicular communication systems: implementation, performance, and research challenges, IEEE Communications Magazine, vol.46, issue.11, pp.110-118, 2008.
DOI : 10.1109/MCOM.2008.4689253
URL : http://arxiv.org/abs/0912.5393
, Keromytis, libdft: Practical Dynamic Data Flow Tracking for Commodity Systems, pp.28-93
, Using Elliptic Curve Cryptography (ECC) for Enhanced Embedded Security, 2004.
, Security architecture and mechanisms for V2V / V2I, p.14, 2008.
, Highway to hell: Hacking toll systems, Blackhat USA, 2008.
, SEVECOM -secure vehicle communication, Proceedings of IST Mobile Summit and 131.) Security and Privacy in Automotive On-Board Networks [LC06a] Lap Chung Lam and Tzi-cker Chiueh, A general dynamic information flow tracking framework for security applications, AC- SAC '06: Proceedings of the 22nd Annual Computer Security Applications Conference, pp.14-463, 2006.
, Pin: building customized program analysis tools with dynamic instrumentation, ACM SIGPLAN, vol.106, issue.156, p.84, 2005.
, Aleph One), Smashing the stack for fun and profit, The Phrack Magazine, 1996.
, Towards a Secure Automotive Platform, 2009.
, An approach to specification-based attack detection for in-vehicle networks, Intelligent Vehicles Symposium, pp.220-225, 2008.
, Renault debuts r-link, an in-dash android system with app market, engadget following press release by Renault at LeWeb'11, p.122, 2011.
, Entropy-based anomaly detection for in-vehicle networks, Intelligent Vehicles Symposium (IV), IEEE, pp.1110-1115, 2011.
, Ethernet ? the standard for in-car communication , 2nd Workshop for Ethernet and IP at Automotive Technology Day (Regensburg), 2012.
, Google cars drive themselves in traffic, The New York Times, Science, Smarter Than You Think, 2010.
, Attack detection for in-vehicle networks, VDI Conference on Automotive Security, p.95, 2009.
, Truncation attacks on macs, Electronics Letters, vol.39, issue.20, pp.1439-1440, 2003.
, An in-vehicle infotainment software architecture based on google android, 2009 IEEE International Symposium on Industrial Embedded Systems, pp.257-260, 2009.
DOI : 10.1109/SIES.2009.5196223
, Caution: Malware Ahead. An analysis of emerging risks in automotive system security, p.15, 2011.
, Proof-carrying code, POPL '97: Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp.106-119, 1997.
, Nissan pioneers first-ever independent control steering technology, Press Release, p.11, 2012.
, The design and implementation of a certifying compiler , SIGPLAN Not, Cited on page 23.) Security and Privacy in Automotive On-Board Networks 208 BIBLIOGRAPHY, pp.333-344, 1998.
, Efficient invehicle delayed data authentication based on compound message authentication codes, Vehicular Technology Conference (VTC Fall '08, pp.1-5, 2008.
, A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay, Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS'08 Advances in Soft Computing, pp.84-91, 2009.
DOI : 10.1007/978-3-540-88181-0_11
, Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software, NDSS, The Internet Society, 2005.
, Defeating return-oriented programming through gadget-less binaries, 26th ACSAC, 2010.
, The Morris worm: A fifteen-year perspective, IEEE Security & Privacy Magazine, vol.1, issue.5, pp.35-43, 2003.
DOI : 10.1109/MSECP.2003.1236233
, Akira Otsuka, and Hideki Imai, New Attestation Based Security Architecture for In-Vehicle Communication, Global Telecommunications Conference, IEEE GLOBECOM, vol.73, issue.133, pp.1-6, 2008.
, Secure vehicular communication systems: design and architecture, IEEE Communications Magazine, vol.46, issue.129, pp.100-109, 2008.
, security architecture implementation ? progress report, p.52, 2011.
, New light-weight crypto algorithms for rfid , Circuits and Systems, ISCAS 2007. IEEE International Symposium on, pp.1843-1846, 2007.
, The PRESERVE project: Preparing secure vehicle-to-x communication systems, pp.2011-2014
, Data-Centric Trust in Ephemeral Networks, pp.1-111, 2009.
, The security of vehicular ad hoc networks, Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks , SASN '05, pp.11-21, 2005.
DOI : 10.1145/1102219.1102223
, Machine Learning for Application-Layer Intrusion Detection, 2009.
, Wade Trappe, and Ivan Seskar, Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study, Proceedings of the 19th USENIX conference on Security, pp.13-83, 2010.
, CAN specification v2, 1991.
, Laminar: practical fine-grained decentralized information flow control, Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation PLDI '09, pp.63-74, 2009.
, Security in embedded systems, ACM Transactions on Embedded Computing Systems, vol.3, issue.3, pp.461-491, 2004.
DOI : 10.1145/1015047.1015049
, Security requirements for automotive on-board networks based on dark-side scenarios, Tech, pp.47-71, 2009.
, The SeVeCom project, p.14, 20062008.
, Secure on-board protocols specification, pp.49-150, 2010.
, Impact of Pseudonym Changes on Geographic Routing in VANETs, Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks ESAS'06, pp.43-57, 2006.
DOI : 10.1007/11964254_6
, Model-carrying code (mcc): a new paradigm for mobilecode security, NSPW '01: Proceedings of the 2001 workshop on New security paradigms, pp.23-30, 2001.
, Sichere mikroprozessorarchitekturen (infineon technologies ag, VDI 27. Gemeinschaftstagung on Automotive Security, pp.17-34, 2011.
, Model-carrying code: a practical approach for safe execution of untrusted applications, SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp.15-28, 2003.
, Traveller Information Services Association The traffic message channel (TMC)
, The robot that won the darpa grand challenge: Research articles, J. Robot. Syst, vol.23, issue.9, pp.661-692, 2006.
, On Interdomain Security: Trust Establishment in Loosely Coupled Federated Environments, p.260, 2008.
, Security of Truncated MACs, Lecture Notes in Computer Science, vol.5487, pp.96-114, 2008.
DOI : 10.1007/978-3-642-01440-6_10
, Toyota to recall Prius hybrids over ABS software, Computerworld, 2010.
, Efficient software-based fault isolation, Proceedings of the fourteenth ACM symposium on Operating systems principles SOSP '93, pp.203-216, 1993.
DOI : 10.1145/173668.168635
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.123.1419
, Secure on-board architecture specification, pp.48-57, 2010.
, Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks, Proceedings of the 15th conference on USENIX Security Symposium -Volume USENIX- SS'06, USENIX Association, p.28, 2006.
, Experience with Abstraction-carrying Code, Electronic Notes in Theoretical Computer Science, vol.89, issue.3, 2003.
DOI : 10.1016/S1571-0661(05)80005-2
, Panorama: capturing system-wide information flow for malware detection and analysis, Proceedings of the 14th ACM conference on Computer and communications security, pp.116-127, 2007.
, Privacy scope: A precise information flow tracking system for finding application leaks, p.27, 2009.
, TaintEraser, ACM SIGOPS Operating Systems Review, vol.45, issue.1, p.84, 2011.
DOI : 10.1145/1945023.1945039
, Taint-Exchange: A Generic System for Cross-Process and Cross-Host Taint Tracking, Proceedings of the 6th International conference on Advances in information and computer security, pp.113-128, 2011.
DOI : 10.1145/1945023.1945039