In 2014 I wrote my second bachelor thesis about “IT Security in Intelligent Transportation Systems” (yes we had to write 2 bachelor thesis in my university).
You can have a look at the full thesis below the abstract (I have to warn you: It is written in German).
To increase road safety, handle rising traffic volume and for integration of new services the automotive industry and various countries plan to introduce so-called Intelligent Transportation Systems (ITS). That means that vehicles start to communicate their status with each other and with the environment through wireless connections. But together with wireless communication many already well known security issues also arise. And in contrast to Wi-Fi for example the security issues in vehicles are directly linked to the safety of the whole system. If a hacker successfully manipulates the messages he can easily endanger people’s lives. Since there exist no official ITS yet, it is very difficult to determine the vulnerabilities, threats and risks of the system. Although it is for that reason a challenge to specify, standardize and implement counter-measures ETSI has done this and published their standards. As the published standards are new and there don’t exist implementations it is necessary to review them and compare them with already existing technologies such as Wi-Fi. Also it is required to verify if and how secure in-vehicle applications can be written by using the ETSI standards. For evaluation different projects from the past regarding ITS and ITS security are consulted and compared with the specification. Especially the detected problems of those projects need to be covered by the standards. The analysis shows that ETSI made a few assumptions which simplified the specification of the standards. If a real life ITS implementation varies from those assumptions then this might result in producer dependent differences which can lead to significant security vulnerabilities.
Download my second bachelor thesis