Summary
COSCA outputs a conceptual Framework for car security, drivers’ privacy and trust enhancement, thus orienting the Next Generation Internet at its core.
Innovatively taking a socio-technical approach, the COSCA Framework rests on crowdsourced drivers’ perceptions and hence is rooted in the human beings that are actual users of the car technologies. COSCA also adopts a GDPR-inspired classification of the data collected by cars and treated by manufacturers, paying particular attention to cases that treat special categories of data such as biometric data.
Upon such bases, COSCA conducts a risk assessment exercise inspired by an ISO/IEC methodology, conveniently tailored to car security risks and drivers’ privacy risks. The outcome of this exercise offers a compact yet expressive view of the security measures that would be necessary to mitigate the risks found and improve the car technologies, ultimately producing a more trustworthy system that combines, at least, car and driver.
Such improvements will be discussed and systematically classified within the COSCA Framework, notably for what pertains to the necessary security protocols, the techniques to manage cryptographic material and the relevant threat models. Additionally, the Framework will extend to the human-computer interfaces that enable drivers to consciously express their informed consent to data treatment and then exercise their rights, such as access and erasure.
The COSCA Framework will be publicly accessible, flexible and extensible. This means that it will offer researchers and practitioners a benchmark for their work. For example, a protocol designer could check whether a protocol withstands one of the threat models provided by the Framework. An engineer could focus on the technologies indicated by the risk assessment exercise, or directly on the people’s perceptions classified in the Framework. Moreover, everyone may make pull requests to extend the Framework, which the proponents plan to maintain by seeking additional funding at national and EU level.
Objectives
Modern cars host highly developed technologies, such as infotainment systems and e-call boxes, routinely connected to the Internet. This increases the possible attack surface, and a number of examples of remotely hijacked cars exist. Cars may also collect drivers’ (or passengers’) personal data, hence privacy becomes a concern.
The overall objective of COSCA is the conceptual development of a Framework that classifies all relevant elements in support of car security and drivers’ privacy. It will not be a sheer technical exercise but, rather, be rooted in drivers’ perceptions, data classification and risk assessment. It will be publicly accessible, flexible and extensible.
The main aim of COSCA is to conceptualise car security. The aim is reached through 4 objectives:
1 - Summary of modern car drivers’ privacy perceptions and trust concerns
There would be limited use in addressing a problem that drivers did not feel. Despite a few recent headlines on attacks against real cars, there is limited literature demonstrating how drivers feel about their privacy in their cars and what level of trust they place, e.g., in the interconnected infotainment.
2 - Classification of types of data treated by modern car manufacturers
Android Auto is perhaps the best example demonstrating the integration of cars with the Internet. An attack scenario could leverage a hacked car. We must understand and gather what types of (personal) data categories cars are collecting, and their manufacturers are treating, notably whether these include special categories of data according to Regulation (EU) 2016/679, known as the GDPR.
3 - Assessment of car security risks and drivers’ privacy risks
Risks must not be presupposed; they must be assessed. This is especially true for risks affecting car security and drivers’ privacy. A structured, standard risk assessment methodology ought to be used to qualitatively assess such risks, then prioritise them and ultimately mitigate them.
4 - Conceptual framework for car security and drivers’ privacy
Notably, the relevant literature features a few prototypes of security protocols over CAN bus communication as well as a few realistic proofs of concept of possible attacks. However, a holistic view of the subject matter and of its security and privacy problems is currently not available. The COSCA framework will provide that view.
Deliverables
The development of COSCA is described by the following deliverables:
1 - Drivers’ privacy concerns & trust perceptions
2 - Classifying data collected by cars
3 - Cybersecurity risk assessment per car brand
4 - COSCA framework for securing modern cars
Publications
Car drivers' privacy concerns and trust perceptions.
G. Bella, P. Biondi, G. Tudisco.
In International Conference on Trust, Privacy and Security in Digital Business (TrustBUS 2021). doi:10.1007/978-3-030-86586-3_10. BibTeX, link to arXiv.

Privacy and modern cars through a dual lens.
G. Bella, P. Biondi, M. De Vincenzi, G. Tudisco.
In International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms (STRIVE21). doi:10.1109/EuroSPW54576.2021.00022. BibTeX, link to arXiv.

Towards the COSCA framework for "COnseptualing Secure CArs".
G. Bella, P. Biondi, G. Costantino, I. Matteucci, M. Marchetti.
In Open Identity Summit 2021 (OID2021). doi:20.500.12116/36500. BibTeX.
Dataset
WP1: Pilot study (download CSV)
WP1: Large study (download CSV)
WP1: Full study (download CSV)