Academic journal article Journal of Financial Management & Analysis

Techno-Financial Management Aspects of Potential Threat - Vulnerability of Malware in Automotive Electronics : Analytical Research Findings

Academic journal article Journal of Financial Management & Analysis

Techno-Financial Management Aspects of Potential Threat - Vulnerability of Malware in Automotive Electronics : Analytical Research Findings

Article excerpt


The increasing computerization of our economy and the deployment of Information and Communication Technology (ICT) in almost every aspect of modern life carry some risks which must be effectively tackled. A big threat with more and more incidents being reported comes from computer malware (see Figure 1), which allows an adversary to launch an attack that disrupts the normal functioning of a system1. The 2008 Symantec Internet Security Threat Report announced that there are over one million computer viruses in circulation; most developed in the year 2007'. In the past, malicious code (Malware) has been categorized neatly (e.g., viruses, worms, or Trojan Horses) based upon functionality and attack vector. Today, malware is often modular and multi-faceted; instead of fitting squarely into a certain category, many malware specimens represent more of a "blended-threat," with diverse functionality and varied means of propagation Consequences of such attacks are varied in magnitude depending on their ability to infect other programs and documents. Malware exploits vulnerabilities in software systems and critical applications to internally disrupt them or subvert them for other purposes or they can affect different systems (including critical systems) in a number of ways that make it difficult to control or protect a system from these attacks

There has been media attention regarding an alleged computer virus that had infected a luxury car model. Supposedly, the virus entered the car through the Bluetooth wireless link. The purpose of the Bluetooth interface was to enable drivers to use their symbian-powered cell phones to carry on hands-free conversations through the cars' speakers and microphone2. This incident was investigated by antivirus experts from F-Secure. They concluded that a mobile phone virus could not spread to cars via Bluetooth3. IBM released a report that cars are vulnerable to computer security threats. According to this report, most new car models have about twenty microprocessors and about 60MB of software code. This could open up potential risks for malfunctions, wireless attacks and other security threats4. According to Computer Economics3, the estimated worldwide damages caused by three well-known worms in 2001 (Code Red, Nimda and Slammer), exceeded $4 billion. The financial loss caused by malware has been as high as $13.3 billion in 2006 6.

Today, embedded electronics and software are key enabler of automotive functions. The value of electronics in a vehicle has been constantly increasing when compared to other industries from a mere 5 per cent of a car's total cost in 1980 to almost 20 per cent in an typical vehicle today - even more in luxury cars7. It is expected to be 24 per cent by the y ear 20 1 08 and 50 per cent of the ' vehicles cost with the widespread deployment of fuel cells engines in 2020.


Estimates suggest that the typical luxury sedan now contains million of line of code over 100 MB of binary code spread across 50-70 independent computers9. Software in cars (see Figure 2), is only going to grow in both in amount and complexity. The radio and navigation system in the current S-class Mercedes-Benz requires over 20 million lines of code alone and that the car contains nearly as many ECUs as the new Airbus A380 (excluding the plane's in-flight entertainment system). Boeing's new 787 Dreamliner, requires about 6.5 million lines of software code to operate its avionics and onboard support systems10. The business research firm Frost and Sullivan estimated that cars will require 200 million to 300 million lines of software code in the near future.

It began in 1978 with introduction of ABS by Mercedes-Benz. A decade later OEMs had introduced networks as a part of automotive electronics architectures to realize more advanced functions, rapidly increasing the number of Electronic Control Units (ECU). The Mercedes S-class from 1991 had more than 50 ECUs and more than 2 km of wiring" (see Figure 3). …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.