A two-year survey on security challenges in automotive threat landscape

The threat landscape is changing and the connected-car now becomes a new cyber attack target. When mobile connects both car and the vehicle cloud via mobile apps, connected-car solutions are bringing new threats into the vehicle. As early as late 2013, we began to find security vulnerabilities for car makers, TSP (Telematics Service Providers), car sharing companies, OBD dongle manufacturers and auto app developers in their products and services. With our helps, those vendors have fixed security vulnerabilities. In our knowledge, it is first comprehensive connected-car security survey covering both premarket and aftermarket. More than 80 testing checkpoints have been applied on the security penetration testing. In this paper, we will show our research findings.