Threats against external vehicle interfaces
Before diving into real-world threats, let’s first define what a threat is and how it differs from an attack. Simply put, a threat represents the possibility of achieving an adverse effect on the vehicle stakeholders, through the exploitation of a security vulnerability or weakness. For example, an ECU that receives data over an insecure channel is exposed to the threat of data tampering by a threat agent with access to the vehicle network. On the other hand, an attack is the actual exploitation of a vulnerability or a weakness to realize the threat. For example, the threat of vehicle network data tampering can be realized by an attack in which network messages are intercepted, modified, and retransmitted to the target ECU. To derive attacks for a specific threat, it helps to identify the underlying vulnerability or weakness that makes the threat viable, turning the possibility of compromise (threat) into a realized action (attack...
