PaaCSA: Phone as a Car Security Assistant

Increasing vehicular complexity also gives rise to an increase attack surface. To defend against current and future vehicular attacks, car manufacturers have to secure the on-board computers (ECUs). Securing the ECUs requires a balancing act between the cost of manufacturing each vehicle and the passenger's safety against cyber-security attacks. An imbalance in either direction is an undesirable solution to this problem. If a secure car is too expensive to manufacture, this will run the OEM out of business. On the other hand, if they do not invest enough into car security, then passengers' lives are at risk.

We propose a novel solution to help address this issue. We take advantage of the user's smartphone to bring car-security to today's drivers. By utilizing the highly-capable smartphone, we mitigate the cost of adding new security-enhancing hardware as well as bring security-assistance capabilities to the cars on the road today without waiting for the next generation of technological advances.

We propose a smartphone-based solution called PaaCSA -- Phone as a Car Security Assistant. PaaCSA uses multiple sensing modalities available in the smartphone to estimate and cross-validate sensor values reported by the vehicle. If any of the values present within the vehicle's communication networks deviates from the PaaCSA-estimated values --- due to sensor falsification or malfunction --- it raises an alarm and reports an error to the driver.

Faculty

• Kang G. Shin

Graduate Students

• Arun Ganesan