Bibliography

[GMW18]

General Motors Worldwide (GMW). General Motors Local Area Network Enhanced Diagnostic Test Mode Specification. Standard GMW3110, General Motors Worldwide (GMW), 2018.

[And20]

Andrew. Hacking a mileage manipulator CAN bus filter device. 2020. https://dangerouspayload.com/2020/03/10/hacking-a-mileage-manipulator-can-bus-filter-device/.

[AUT20]

AUTOSAR. Specification of Module Secure Onboard Communication. Release 4.2.2, 2020. https://www.autosar.org/fileadmin/user_upload/standards/classic/4-2/AUTOSAR_SWS_SecureOnboardCommunication.pdf.

[BV18]

Computest Services B.V. The Connected Car - Ways to get unauthorized access and potential implications. Apr 2018. https://www.computest.nl/documents/9/The_Connected_Car._Research_Rapport_Computest_april_2018.pdf.

[BD22]

David BERARD and Vincent DEHORS. I feel a draft. Opening the doors and windows 0-click RCE on the Tesla Model3. October 2022. https://www.synacktiv.com/sites/default/files/2022-10/tesla_hexacon.pdf.

[BD24]

David BERARD and Vincent DEHORS. 0-Click RCE on the Tesla Infotainment Through Cellular Network. May 2024. https://www.synacktiv.com/sites/default/files/2024-05/tesla_0_click_rce_cellular_network_offensivecon2024.pdf.

[CWZ19]

Zhiqiang Cai, Aohui Wang, and Wenkai Zhang. 0-days & Mitigations: roadways to Exploit and Secure Connected BMW Cars. In BlackHat USA, 1–37. Aug 2019. https://i.blackhat.com/USA-19/Thursday/us-19-Cai-0-Days-And-Mitigations-Roadways-To-Exploit-And-Secure-Connected-BMW-Cars-wp.pdf.

[CMK+11]

Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno. Comprehensive Experimental Analyses of Automotive Attack Surfaces. In Proceedings of the 20th USENIX Conference on Security, SEC’11, 1–6. USA, 2011. USENIX Association.

[CS16]

Kyong-Tak Cho and Kang G. Shin. Error Handling of In-Vehicle Networks Makes Them Vulnerable. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, 1044–1055. New York, NY, USA, 2016. Association for Computing Machinery. URL: https://doi.org/10.1145/2976749.2978302, doi:10.1145/2976749.2978302.

[DBR+18]

Jürgen Dürrwang, Johannes Braun, Marcel Rumez, Reiner Kriesten, and Alexander Pretschner. Enhancement of Automotive Penetration Testing with Threat Analyses Results. SAE International Journal of Transportation Cybersecurity and Privacy, 1(2):91–112, 11 2018. doi:10.4271/11-01-02-0005.

[fSoAS03]

Association for Standardization of Automation and Measuring Systems. The Universal Measurement and Calibration Protocol Family. Standard ASAM MCD-1 XCP, Association for Standardization of Automation and Measuring Systems, Germany, DE, 2003. https://www.asam.net/standards/detail/mcd-1-xcp/.

[GOKPavlides16]

Flavio D. Garcia, David Oswald, Timo Kasper, and Pierre Pavlidès. Lock it and still lose it—on the (in)security of automotive remote keyless entry systems. In 25th USENIX Security Symposium (USENIX Security 16). Austin, TX, August 2016. USENIX Association. URL: https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/garcia.

[Gro20]

The Tcpdump Group. LINKTYPE_CAN_SOCKETCAN - packet structure. 2020. https://www.tcpdump.org/linktypes/LINKTYPE_CAN_SOCKETCAN.html.

[Har15]

Dr. Oliver Hartkopp. Linux and ISO 15765-2 with CAN FD. 2015. https://s3.eu-central-1.amazonaws.com/cancia-de/documents/proceedings/slides/hartkopp_slides_15icc.pdf.

[Har11]

Oliver Hartkopp. Programmierschnittstellen für eingebettete Netzwerke in Mehrbenutzerbetriebssystemen am Beispiel des Controller Area Network. PhD thesis, Otto-von-Guericke-Universität Magdeburg, 2011. URL: http://dx.doi.org/10.25673/5117.

[Ini20]

Zero Day Initiative. Pwn2Own Vancouver 2019: Wrapping Up and Rolling Out. 2020 (accessed February 29, 2020). https://www.zerodayinitiative.com/blog/2019/3/22/pwn2own-vancouver-2019-wrapping-up-and-rolling-out.

[KGAS19]

Sekar Kulandaivel, Tushar Goyal, Arnav Kumar Agrawal, and Vyas Sekar. CANvas: Fast and Inexpensive Automotive Network Mapping. In 28th USENIX Security Symposium (USENIX Security 19), 389–405. Santa Clara, CA, August 2019. USENIX Association. URL: https://www.usenix.org/conference/usenixsecurity19/presentation/kulandaivel.

[Lab16]

Tencent Keen Security Lab. Car Hacking Research: Remote Attack Tesla Motors. 2016. https://keenlab.tencent.com/en/2016/09/19/Keen-Security-Lab-of-Tencent-Car-Hacking-Research-Remote-Attack-to-Tesla-Cars/.

[Lab18]

Tencent Keen Security Lab. New Vehicle Security Research by KeenLab: Experimental Security Assessment of BMW Cars. 2018. https://keenlab.tencent.com/en/2018/05/22/New-CarHacking-Research-by-KeenLab-Experimental-Security-Assessment-of-BMW-Cars/.

[Lab20]

Tencent Keen Security Lab. Mercedes-Benz MBUX Security Research Report. 2020. https://keenlab.tencent.com/en/whitepapers/Mercedes_Benz_Security_Research_Report_Final.pdf.

[Mel24]

Willem Melching. Extracting Secure Onboard Communication (SecOC) keys from a 2021 Toyota RAV4 Prime. 2024. https://icanhack.nl/blog/secoc-key-extraction/.

[MV13]

Dr. Charlie Miller and Chris Valasek. Adventures in Automotive Networks and Control Units. DEF CON 21 Hacking Conference. Las Vegas, NV: DEF CON, August 2013. http://illmatics.com/car_hacking.pdf.

[MV14]

Dr. Charlie Miller and Chris Valasek. A Survey of Remote Automotive Attack Surfaces. DEF CON 22 Hacking Conference. Las Vegas, NV: DEF CON, August 2014.

[MV15]

Dr. Charlie Miller and Chris Valasek. Remote Exploitation of an Unaltered Passenger Vehicle. DEF CON 23 Hacking Conference. Las Vegas, NV: DEF CON, August 2015.

[MV16]

Dr. Charlie Miller and Chris Valasek. Advanced CAN injection techniques for vehicle networks. In BlackHat USA. Aug 2016. http://illmatics.com/can%20message%20injection.pdf.

[Nol19]

Henrik Ferdinand Nölscher. CANBadger Wiki - Security Hijack. 2019. https://github.com/NoelscherConsulting/CANBadger-v2-Firmware/wiki/Security-Hijack.

[PC18]

Ramiro Pareja and Santiago Cordoba. Fault injection on automotive diagnostic protocols. 2018. https://www.riscure.com/uploads/2018/06/Riscure_Whitepaper_Fault_injection_on_automotive_diagnostic_protocols.pdf.

[Pen20]

PenTestPartners. Reverse Engineering Tesla Hardware. 2020. https://www.pentestpartners.com/security-blog/reverse-engineering-tesla-hardware/.

[SS18]

Ankita Sawanta and Lenina Svb. CAN, FlexRay, MOST versus Ethernet for Vehicular Networks. International Journal of Innovations & Advancement in Computer Science, 04 2018.

[SN17]

Sen Nie, Ling Liu, and Yuefeng Du. Free-Fall: Hacking Tesla from Wireless to CAN Bus. 2017. https://www.blackhat.com/docs/us-17/thursday/us-17-Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus-wp.pdf.

[Smi16]

Craig Smith. The Car Hacker’s Handbook: A Guide for the Penetration Tester. No Starch Press, USA, 1st edition, 2016. ISBN 1593277032.

[Spa15a]

Dieter Spaar. Beemer, Open Thyself! – Security vulnerabilities in BMW's ConnectedDrive. February 2015. https://www.heise.de/ct/artikel/Beemer-Open-Thyself-Security-vulnerabilities-in-BMW-s-ConnectedDrive-2540957.html.

[Sto18]

Brent C Stone. Enabling auditing and intrusion detection of proprietary controller area networks. pages 173, 2018.

[TAM+17]

Junko Takahashi, Yosuke Aragane, Toshiyuki Miyazawa, Hitoshi Fuji, Hirofumi Yamashita, Keita Hayakawa, Shintarou Ukai, and Hiroshi Hayakawa. Automotive Attacks and Countermeasures on LIN-Bus. Journal of Information Processing, 25:220–228, 02 2017. doi:10.2197/ipsjjip.25.220.

[Tin19]

Ken Tindell. CAN Bus Security - Attacks on CAN bus and their mitigations. 2019. https://canislabs.com/wp-content/uploads/2020/12/2020-02-14-White-Paper-CAN-Security.pdf.

[VdHG18]

Jan Van den Herrewegen and Flavio D. Garcia. Beneath the Bonnet: A Breakdown of Diagnostic Security, pages 305–324. Volume 11098 of Lecture Notes in Computer Science. Springer International Publishing, 2018. URL: http://link.springer.com/10.1007/978-3-319-99073-6_15, doi:10.1007/978-3-319-99073-6_15.

[WS20]

Ralf-Philipp Weinmann and Benedikt Schmotzle. TBONE – A zero-click exploit for Tesla MCUs. October 2020. https://kunnamon.io/tbone/tbone-v1.0-redacted.pdf.

[WRMM20]

Nils Weiss, Sebastian Renner, Jürgen Mottok, and Václav Matoušek. Transport layer scanning for attack surface detection in vehicular networks. In Computer Science in Cars Symposium, 1–8. ACM, 12 2020. URL: https://dl.acm.org/doi/10.1145/3385958.3430476, doi:10.1145/3385958.3430476.

[WMA+19]

Lennert Wouters, Eduard Marin, Tomer Ashur, Benedikt Gierlichs, and Bart Preneel. Fast, furious and insecure: passive keyless entry and start systems in modern supercars. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019(3):66–85, May 2019. URL: https://tches.iacr.org/index.php/TCHES/article/view/8289, doi:10.13154/tches.v2019.i3.66-85.

[ISOCSecretary89]

ISO Central Secretary. Information processing systems – Open Systems Interconnection – Basic Reference Model – Part 4: Management framework. Standard ISO/IEC 7498-4:1989, International Organization for Standardization, Geneva, CH, 1989. URL: https://www.iso.org/standard/14258.html.

[ISOCSecretary12]

ISO Central Secretary. Road vehicles – Unified diagnostic services (UDS) – Part 3: Unified diagnostic services on CAN implementation (UDSonCAN). Standard ISO 14229-3:2012, International Organization for Standardization, Geneva, CH, 2012. URL: https://www.iso.org/standard/55284.html.

[ISOCSecretary13]

ISO Central Secretary. Road vehicles – Unified diagnostic services (UDS) – Part 5: Unified diagnostic services on Internet Protocol implementation (UDSonIP). Standard ISO 14229-5:2013, International Organization for Standardization, Geneva, CH, 2013. URL: https://www.iso.org/standard/55287.html.

[ISOCSecretary16a]

ISO Central Secretary. Road vehicles – Diagnostic communication over Controller Area Network (DoCAN) – Part 2: Transport protocol and network layer services. Standard ISO 15765-2:2016, International Organization for Standardization, Geneva, CH, 2016. URL: https://www.iso.org/standard/66574.html.

[ISOCSecretary16b]

ISO Central Secretary. Road vehicles – Diagnostic communication over Controller Area Network (DoCAN) – Part 4: Requirements for emissions-related systems. Standard ISO 15765-4:2016, International Organization for Standardization, Geneva, CH, 2016. URL: https://www.iso.org/standard/67245.html.

[ISOCSecretary19]

ISO Central Secretary. Road vehicles – Diagnostic communication over Internet Protocol (DoIP) – Part 2: Transport protocol and network layer services. Standard ISO 13400-2:2019, International Organization for Standardization, Geneva, CH, 2019. URL: https://www.iso.org/standard/74785.html.

[KoscherCzeskisRoesner+10]

K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage. Experimental Security Analysis of a Modern Automobile. In 2010 IEEE Symposium on Security and Privacy, 447–462. May 2010. doi:10.1109/SP.2010.34.

[RobertBGmbHa]

Robert Bosch GmbH. CAN specification. URL: http://esd.cs.ucr.edu/webres/can20.pdf.

[RobertBGmbHb]

Robert Bosch GmbH. CAN with flexible data-rate specification 1.0. URL: https://can-newsletter.org/assets/files/ttmedia/raw/e5740b7b5781b8960f55efcc2b93edf8.pdf.