Kevin Klaus Gomez Buquerin hat seine Masterarbeit „Analysis of Digital Forensics Capabilities on State-of-the-art Vehicles“ an der INSicherheit – Ingolstädter Forschungsgruppe Angewandte IT-Sicherheit erfolgreich abgelegt. Herr Gomez stellt die Arbeit interessierten Lesern dankenswerterweise zur Verfügung: Link . Herr Gomez setzt seine Forschung als externer Doktorand an der INSicherheit fort. Wir freuen uns bereits auf die weitere Zusammenarbeit.
Abstract der Masterarbeit:
„Vehicles get increased attention in the field of security. During the car hack village at Defcon Security Conference in 2016, Charlie Miller and Chris Valasek proved that modern vehicles are vulnerable to manipulation and attacks. At Pwn2Own 2019, security researchers were able to manipulate the infotainment of a state-of-the-art electrical vehicle.
New technologies introduced in modern vehicles and new business mod- els, such as car sharing or features on demand, attract an increasing number of security researchers and malicious actors. As a result, Original Equipment Manufacturers (OEMs), legal institutions, insurance companies, and other entities need to be prepared for potential car security incidents. Such re- sponses include forensic analysis to resolve liability issues or identify possible flaws in vehicles.
The master thesis focuses on capabilities of digital forensics for automotive systems. On upcoming chapters, corresponding types of forensic analysis as well as resulting requirements and challenges for automotive forensics are presented. Furthermore, a four-step concept for digital forensic analysis on state-of-the-art vehicles is presented. The process includes a forensic readiness phase, data acquisition phase, analysis phase, and documentation phase. By using the On-Board Diagnostics (OBD)-II interface, an implementation of the presented concept is performed. Communication with a modern vehicle is conducted over Automotive Ethernet with Diagnostics over Internet Protocol (DoIP) and Unified Diagnostic Services (UDS). The concept itself and the automotive forensics results are evaluated for usability in possible prosecutions.
OBD-II is usable to collect data and use it for forensic analysis. On the other hand, several gaps and disadvantages that complicate or even pre- vent forensic analysis for modern vehicles, are identified. Furthermore, an approach to fix stated gaps is presented. “