Damaged or burning hybrid and electric vehicles receive special attention in the media landscape. This leads to uncertainty among prospective buyers and consequently to a loss of confidence in the technology. Vehicle accidents or fires are caused by system malfunctions, among other things. Especially the large amount of complex software inevitably leads to software vulnerabilities that malicious attackers could possibly exploit to manipulate the system. On the one hand, this impairs the functionality of an ECU, such as the battery management system, and on the other hand the ECU can be used as a basis for further attacks. The consequences are not only damage to the image of electromobility and recall campaigns, but also potential damage to people and the environment. In order to increase confidence in hybrid and electric vehicles, the risk of accidents or fires of these vehicles must be reduced. Consequently, vulnerabilities in automotive software must be detected and corrected at an early stage.
The main objective of the project HATS3 ("Holistic Automotive Testing of Security, Safety, and Storage (HATS3)") is the construction of a test bench for realistic security tests on vehicles while stationary and while driving, as well as the ability to conduct safety-relevant experiments on hybrid and electric vehicles. In addition, a method for increasing the degree of automation in the field of automotive penetration testing is to be developed in order to be able to standardize tests and to be able to cost-effectively test software in early development stages.
The traction battery is one of the most expensive components of an electric or hybrid vehicle. Since the capacity of the battery has a significant influence on the range of the vehicle, but is also subject to wear and tear and must be replaced at the end of its service life at great expense, the manipulation of battery characteristics (e.g. charging cycles, date of manufacture, operating hours, rapid charging processes) - similar to resetting mileage - represents a lucrative attack scenario for fraud with used cars. It is also conceivable that the tuning scene is very interested in battery storage systems, since an increase in the vehicle's mileage or range can be "bought" by deliberately misprogramming the battery management system, accepting that the battery will wear out or be damaged more quickly. This can represent a considerable financial risk for the manufacturer in terms of warranty. In addition, the tamper-proof detection of counterfeit or improperly repaired battery modules is an important component in the defence against unjustified warranty claims.
A further objective is therefore the targeted development of knowledge in the field of IT forensics for warranty and insurance claims for hybrid and electric vehicles. Existing test bench methods are to be further developed. Within the framework of HATS3, research is carried out on the identification and evaluation of accident-relevant data (ABS, ESP, airbag, ...) for accident reconstruction in order to be able to uncover possible insurance fraud.
In summary, the objectives of HATS3:
- Design and development of a test bench for realistic security tests on vehicles while stationary and while driving
- Gain ability to perform safety-relevant experiments on hybrid and electric vehicles
- Design and development of methods and tools to increase the degree of automation in the field of automotive penetration testing
- Increase knowledge in the field of IT forensics for warranty and insurance claims of hybrid and electric vehicles
Funding reference number: 13FH7E02IA
Funding agency: Federal Ministry of Education and Research, Research at Universities of Applied Sciences