Engineering Security for Mobility Systems
Sustainable transport is a major challenge on the way to decarbonization and climate neutrality. Meeting this challenge will not only involve next-generation drive technology, but also introduce new, smart mobility concepts. The key to these concepts lies in an increasing interconnection of vehicles, travelers, and transport infrastructure, thereby raising the level of data exchange. This future development will also enlarge the attack surface of mobility systems – a domain in which successful attacks can quickly compromise functional safety. Security vulnerabilities will thus restrict the acceptance of future mobility concepts, thereby threatening the achievement of climate goals. Accordingly, sustainable mobility of the future must not (and cannot) be achieved without security of the underlying mobility systems.
The mission of Subtopic 3 “Engineering Security for Mobility Systems” (Security Lab Mobility) is to shape the future of secure mobility. On the one hand, this involves research into reliable protection mechanisms, which act as building blocks of mobility systems and contribute directly to the security of travelers. On the other hand, the subtopic includes research into efficient development measures, which support engineers in securing mobility systems along their entire life cycle. In the context of the lab, both topics are closely intertwined to ensure the efficient application of reliable protection mechanisms in development practice. To this end, the Lab combines forces of several Research Groups with focus areas spanning security research, software engineering, and law.
A common research interest of the Subtopic is the future concept of shared mobility, in which not only vehicles are shared by travelers, but also transport systems are shared by providers of different mobility services. In both cases, sharing causes competitive situations in which travelers or providers constitute insider threats, as they are tempted to launch attacks in order to advance their personal interests.
Reserach Area 1 – In-Vehicle Security
Reserach Area 1 – In-Vehicle Security
Involved PIs: Ina Schaefer (Head), Christian Wressnegger, J. Marius Zöllner
Active Researchers: Tim Bächle, Alessandro Erba, Morten Harter, Yilin Ji, Svetlana Pavlitska, Nicolai Polley, Rasmus Rønneberg
This Research Area addresses the security of in-vehicle functionality such as embedded driving functions that are allocated to control units. Preventing security vulnerabilities in those functions is challenging, as they are increasingly implemented by artificial intelligence, their set of features is highly variable, and they are often developed in collaboration with external suppliers. Since driving functions are used to control the vehicle motion, a particular challenge in this Research Area is to prevent the escalation of security vulnerabilities into safety hazards.
Research Area 2 – Securing Vehicular Communication
Research Area 2 – Securing Vehicular Communication
Involved PIs: Ingmar Baumgart, Oliver Raabe, Ralf Reussner (Head), Ina Schaefer
Active Researchers: Nicolas Boltz, Christopher Gerking, Mahdi Jafari, Leonie Sterz, Marek Wehmer, Christoph Werner
The goal of this Research Area is the security against attacks on vehicle-to-everything (V2X) communication, which is crucial to both cooperative applications (e.g., driver assistance) and competitive applications (e.g., traffic control). The communication involves not only vehicles but also travellers and the transport infrastructure, thereby forming an intelligent transport system. Such systems put the confidentiality and integrity of the exchanged data at risk, which requires protection against or (at least) detection of corresponding attacks. A particular challenge of this Research Area is to ensure legal compliance of the security restrictions imposed on different stakeholders.
Research Area 3 – Secure Mobility Services
Research Area 3 – Secure Mobility Services
Involved PIs: Hannes Hartenstein, Jörn Müller-Quade, Ralf Reussner (Head), Andy Rupp
Active Researchers: Valerie Fetzer, Matthias Grundmann, Sebastian Hahner, Marc Leinweber, Markus Raiber, Thomas Weber
In this Research Area, the focus is on the protection of smart services used by travellers. In the context of Mobility as a Service (MaaS), mobility systems are distributed among multiple providers, each one offering individual services. Due to the distribution, procedures like ticketing, billing, bookkeeping, and analytics give rise to privacy incidents or financial fraud. To achieve a proper level of protection, mobility services require countermeasures based on state-of-the-art security technology. In this context, a particular goal of the Research Area is the security and privacy of payment processes involving cryptocurrency.
| Name | Function | |
|---|---|---|
| Ralf Reussner | ralf reussner ∂does-not-exist.kit edu | Co-Spokesperson |
| Ina Schaefer | ina schaefer ∂does-not-exist.kit edu | Spokesperson |
| Christopher Gerking | christopher gerking ∂does-not-exist.kit edu | Lab Leader |