Automotive Cyber-Security

The introduction of Information and Communications Technologies (ICT) systems into vehicles make them more prone to cyber-security attacks. Such attacks may impact on vehicles capability and, consequently, on the safety of drivers, passengers. Indeed, the strong integration between dedicated ICT devices, the physical environment, and the networking infrastructure, leads to consider modern vehicles as Cyber-Physical Systems.
My research interest on Automotive Cyber-Security focuses on the CAN-bus protocol and, in particular, the security property such as Confidentiality, Integrity and Authentication. Android-based radio system is also part of my research activity in automotive. In particular, we exploit Android Radio to remotely access the car and read data coming from car's sensors. These involve the parking-camera, the internal microphone, GPS, and other CAN-bus information, like engine RMP, fuel, brakes and others.

Scientific Publications

  • Antonia Bertolino, Antonello Calabró, Felicita Di Giandomenico, Giuseppe Lami, Francesca Lonetti, Eda Marchetti, Fabio Martinelli, Ilaria Matteucci, Paolo Mori: A tour of secure software engineering solutions for connected vehicles. Software Quality Journal, (), 1-34. DOI 10.1007/s11219-017-9393-3. Online 21 November 2017.
  • Gianpiero Costantino, Antonio La Marra, Fabio Martinelli, Ilaria Matteucci: “CANDY: A Social Engineering Attack to Leak Information from Infotainment System” CA2V@VTS Spring 2018. Porto, Portugal.
  • Gianpiero Costantino, Fabio Martinelli, Ilaria Matteucci, Francesco Mercaldo: “Improving Vehicle Safety through a Fog Collaborative Infrastructure” SIW@SMARTCOMP 2018, Taormina, Italy.
  • Gianpiero Costantino, Fabio Martinelli, Ilaria Matteucci: Exploiting Vehicles' Reputation to Mitigate DoS Attack. AMARETTO@MODELSWARD 2016: 75-82.

Events

  • Chair of STRIVE2018 The 1st International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms.
  • Invited Talk: Safety and Privacy in Intelligent Transport Systems.

Research and Development Project

The project Crazy-Tachymeter has been developed by Pietro Biondi at University of Catania. It is a preliminar results of a joint reserach activity on the introduction of security features on top of the CAN protocol used in intra-vehicles communication.

Your car spies you

We produce a video of our attack on Android In-Vehicle Infotainment (IVI) system. The video is presented during the CyberSecurity Lab at Pisa (16th of November).


Italian Version English Version
Same video at the Cnr WebTV La tua auto ti spia

T-TOUR 2018: "E se ti hackero l'autoradio?"

Newspapers

TIn the following, some italian online newspaper talking about our research on automotive on December 2017.
Pisa Today Pisa Informa Flash Virgilio Qui news Pisa Libero.it Corriere Adriadico - Motori Ufficio Stampa Cnr Il Messaggero il Mattino Quotidiano di Puglia Kia Club
The newpaper article of January 2018 and reported on the CNR official Webpage.


In June 2018, an extended an more tehcnical version of the article appeared on Agenda Digitale and in July 2018 on Security Online.