🤖 AI Summary
This study addresses the challenge of effectively evaluating security vulnerabilities in heterogeneous operating system stacks within software-defined vehicles, a task inadequately handled by existing tools. The authors propose a systematic vulnerability assessment methodology tailored for automotive operating systems, uniquely integrating CVE database–based vulnerability matching with realistic environment emulation via Docker containers to enable dynamic analysis of exploitability at the OS layer. This approach not only fills a critical gap in domain-specific vulnerability assessment tools but also uncovers widespread latent threats. Through empirical investigation, the work further elucidates practical technical constraints encountered during real-world exploitation, thereby providing both theoretical insights and actionable foundations for enhancing the security of software-defined vehicles.
📝 Abstract
Software-defined vehicles (SDVs) are revolutionizing transportation by integrating complex, interconnected hardware, and software systems. This evolution introduces significant security challenges. We present a comprehensive security analysis for SDVs, focusing on software vulnerabilities. We note that existing vulnerability assessment tools fall short in addressing operating systems vulnerabilities, particularly when it comes to efficiently analyzing diverse software stacks in realistic environments. We present and release a vulnerability assessment solution that efficiently addresses these limitations. Our approach combines systematic vulnerability discovery, leveraging public Common Vulnerabilities and Exposures (CVE) databases, within a dockerized development environment that evaluates exploitability risks. The results reveal both breadth of potential threats and the practical constraints we faced during exploitation. We discuss the implications for industry and research, and propose directions for building more resilient SDVs.