Secure Information Technology Center – Austria

Analysis of Car-Applications

It is due to the sustained popularity of mobile communication technologies in the last years, that they are now heavily deployed in the automotive sector. One example for this are mobile applications, which allow drivers to interact with their vehicles. Locking and unlocking or the remote starting of the climate control and the pre-heating are only one example for possible use cases of mobile applications.

However, several incidents in the past have shown, that the applications provided by manufacturers are not resilient to attacks and thus compromise the security of the overall system. As a result, mobile applications pose a potential field of application, which can benefit from the correct usage of secure information and communication technologies.

 

This survey will evaluate the state of the art of mobile applications for cars. It gives an overview of popular mobile applications for cars and their functionality. Additionality, this survey deals with the used technologies and authentication mechanisms. This data is further used to identify possible risks and attack vectors of mobile applications. The survey is complemented by a detailed analysis of applications of car manufacturers. The results show, that mobile applications for cars can be susceptible to targeted attacks and there is room for improvement. For the purpose of responsive disclosure, possible weaknesses are depicted, without disclosing specific applications.
Manufacturers will be noticed.

 

Downloads

Titel Version Datum
Project Report (in German) 1.0 2016-09-18

Posted 5.10.2016, Kategorie: IT-Security.